Lucene search
MitreCVE-2023-23010HistoryJan 20, 2023 - 7:15 p.m.
CVE-2023-23010
2023-01-2019:15:18
CWE-79
mitre
web.nvd.nist.gov
23
cve-2023-23010
cross site scripting
xss
ecommerce
codeigniter
bootstrap
security vulnerability
arbitrary code execution
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
44.2%
Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5 (on Dec 27, 2022), allows attackers to execute arbitrary code via the languages and trans_load parameters in file add_product.php.
Affected configurations
Node
ecommerce-codeigniter-bootstrap_projectecommerce-codeigniter-bootstrapRange<2022-12-27
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ecommerce-codeigniter-bootstrap_project | ecommerce-codeigniter-bootstrap | * | cpe:2.3:a:ecommerce-codeigniter-bootstrap_project:ecommerce-codeigniter-bootstrap:*:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2023-23010
2023-01-20 00:00:00
osv
osv
CVE-2023-23010
2023-01-20 19:15:18
prion
prion
Cross site scripting
2023-01-20 19:15:00
nvd
nvd
CVE-2023-23010
2023-01-20 19:15:18
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
44.2%
Related for CVE-2023-23010