← Volver a CVEs
CVE-2023-47437
MEDIUM5.4
Descripcion
A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script.
Detalles CVE
Puntuacion CVSS v3.15.4
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioREQUIRED
Publicado11/28/2023
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
pachno:pachno
Debilidades (CWE)
CWE-79
Referencias
https://github.com/herombey/CVE-2023-47437(cve@mitre.org)
https://github.com/pachno/pachno(cve@mitre.org)
https://github.com/herombey/CVE-2023-47437(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/pachno/pachno(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.