29Ara
CVE-2023-7171 | Novel-Plus up to 4.2.0 Friendly Link FriendLinkController.java cross site scripting
A vulnerability was found in Novel-Plus up to 4.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file novel-admin/src/main/java/com/java2nb/novel/controller/FriendLinkController.java of the component Friendly Link Handler. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2023-7171. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.