ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file.
{ "cna_assigner": "mitre", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/31xxx/CVE-2023-31699.json" }
{ "cpe": "cpe:2.3:a:churchcrm:churchcrm:4.5.4:*:*:*:*:*:*:*", "source": "CPE_STRING", "extracted_events": [ { "introduced": "4.5.4" }, { "last_affected": "4.5.4" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-31699.json"