Lucene search
HistoryFeb 09, 2023 - 8:15 p.m.
CVE-2023-24322
cve-2023-24322
xss
security vulnerability
mojoportal
filedialog.aspx
nvd
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
52.4%
A reflected cross-site scripting (XSS) vulnerability in the FileDialog.aspx component of mojoPortal v2.7.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ed and tbi parameters.
Affected configurations
Node
mojoportalmojoportalMatch2.7.0.0
| CPE | Name | Operator | Version |
|---|---|---|---|
| mojoportal:mojoportal | mojoportal | eq | 2.7.0.0 |
Related
osv
osv
CVE-2023-24322
2023-02-09 20:15:11
nuclei
nuclei
mojoPortal 2.7.0.0 - Cross-Site Scripting
2023-02-20 13:20:07
nvd
nvd
CVE-2023-24322
2023-02-09 20:15:11
prion
prion
Cross site scripting
2023-02-09 20:15:00
cvelist
cvelist
CVE-2023-24322
2023-02-09 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.002 Low
EPSS
Percentile
52.4%
Related for CVE-2023-24322