Limited Black Friday Offer:
Security for everyone

ChurchCRM 4.5.3 - Cross-Site Scripting CVE-2023-25346 Scanner

Remote attacker can perform a reflected cross site scripting attack (XSS) by injecting malicious payload.

SCAN NOW

Short Info

Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Parent Category

ChurchCRM 4.5.3 - Cross-Site Scripting CVE-2023-25346 Scanner Detail

A reflected cross-site scripting (XSS) vulnerability in ChurchCRM 4.5.3 allows remote attackers to inject arbitrary web script or HTML via the id parameter of /churchcrm/v2/family/not-found.