← Zuruck zu CVEs
CVE-2023-47437
MEDIUM5.4
Beschreibung
A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script.
CVE Details
CVSS v3.1 Bewertung5.4
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionREQUIRED
Veroffentlicht11/28/2023
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
pachno:pachno
Schwachen (CWE)
CWE-79
Referenzen
https://github.com/herombey/CVE-2023-47437(cve@mitre.org)
https://github.com/pachno/pachno(cve@mitre.org)
https://github.com/herombey/CVE-2023-47437(af854a3a-2127-422b-91ae-364da2661108)
https://github.com/pachno/pachno(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.