Bludit v3.14.1 is vulnerable to Stored Cross Site Scripting (XSS) via SVG file on site logo. NOTE: the product's security model is that users are trusted by the administrator to insert arbitrary content (users cannot create their own accounts through self-registration).
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/31xxx/CVE-2023-31698.json",
"cna_assigner": "mitre",
"isDisputed": true
}