CVE-2023-53906 — projectSend r1605 contains a stored cross-site scripting vulnerability that allows authenticated administrators to inject malicious JavaScript through the custom assets configuration page. Attackers c — CVE Database · The Intelligence Room