Vulnerabilities > Dmpop > Mejiro > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-01 CVE-2023-46448 Cross-site Scripting vulnerability in Dmpop Mejiro
Reflected Cross-Site Scripting (XSS) vulnerability in dmpop Mejiro Commit Versions Prior To 3096393 allows attackers to run arbitrary code via crafted string in metadata of uploaded images.
network
low complexity
dmpop CWE-79
6.1