Lucene search
China National Vulnerability DatabaseCNVD-2023-63195HistoryJul 27, 2023 - 12:00 a.m.
BloodBank Cross-Site Scripting Vulnerability
2023-07-2700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
bloodbank
cross-site scripting
vulnerability
user-supplied data
web script
html
injection
security
0.001 Low
EPSS
Percentile
19.6%
BloodBank is a responsive blood bank and donor content management system (CMS). A cross-site scripting vulnerability exists in BloodBank version 1.1, which stems from a lack of effective filtering and escaping of user-supplied data in the file page.php, and can be exploited by an attacker to execute arbitrary web script or HTML by injecting a crafted payload.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bloodbank bloodbank | eq | 1.1 |
Related
cve
cve
CVE-2023-3853
2023-07-23 23:15:09
prion
prion
Cross site scripting
2023-07-23 23:15:00
nvd
nvd
CVE-2023-3853
2023-07-23 23:15:09
cvelist
cvelist
CVE-2023-3853 phpscriptpoint BloodBank page.php cross site scripting
2023-07-23 22:31:04