Vulnerabilities > Europeana > Repox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-13 | CVE-2023-6719 | Unspecified vulnerability in Europeana Repox 2.3.7 An XSS vulnerability has been detected in Repox, which allows an attacker to compromise interactions between a user and the vulnerable application, and can be exploited by a third party by sending a specially crafted JavaScript payload to a user, and thus gain full control of their session. | 6.1 |
| 2023-12-13 | CVE-2023-6720 | Unspecified vulnerability in Europeana Repox 2.3.7 An XSS vulnerability stored in Repox has been identified, which allows a local attacker to store a specially crafted JavaScript payload on the server, due to the lack of proper sanitisation of field elements, allowing the attacker to trigger the malicious payload when the application loads. | 5.4 |