CVE-2023-1197

🗓️ 06 Mar 2023 16:10:15Reported by @huntrdevType

Cross-site Scripting (XSS) in uvdesk/community-skeleto

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2023-1197	6 Mar 202316:15	–	osv
OSV	uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting	6 Mar 202318:30	–	osv
Cvelist	CVE-2023-1197 Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton	6 Mar 202300:00	–	cvelist
Prion	Cross site scripting	6 Mar 202316:15	–	prion
Veracode	Cross-site Scripting (XSS)	10 Mar 202301:57	–	veracode
Huntr	Cross-Site Scripting (Stored/Persistent) in Categories	23 Feb 202323:49	–	huntr
Vulnrichment	CVE-2023-1197 Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton	6 Mar 202300:00	–	vulnrichment
NVD	CVE-2023-1197	6 Mar 202316:15	–	nvd
Github Security Blog	uvdesk/community-skeleton vulnerable to Stored Cross-site Scripting	6 Mar 202318:30	–	github

Nvd

Node

uvdesk community-skeletonRange<1.1.0

[
  {
    "vendor": "uvdesk",
    "product": "uvdesk/community-skeleton",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "1.1.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/uvdesk/community-skeleton/commit/6fae9442361c8a216611d3622bec26249a8c48a0
huntr	www.huntr.dev/bounties/97d226ea-2cd8-4f4d-9360-aa46c37fdd26

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Mar 2023 16:15Current

4.5Medium risk

Vulners AI Score4.5

CVSS34.3 - 4.8

EPSS0.00054

SSVC

CWE-79