Lucene search
HistoryNov 13, 2023 - 6:15 p.m.
CVE-2023-32123
cve-2023-32123
csrf
cross-site request forgery
dream-theme the7
stored xss
nvd
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.1%
Cross-Site Request Forgery (CSRF) vulnerability in Dream-Theme The7 allows Stored XSS.This issue affects The7: from n/a through 11.7.3.
Affected configurations
Node
dream-themethe7Rangeβ€11.7.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| dream\-theme | the7 | * | cpe:2.3:a:dream\-theme:the7:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "The7",
"vendor": "Dream-Theme",
"versions": [
{
"changes": [
{
"at": "11.7.3.1",
"status": "unaffected"
}
],
"lessThanOrEqual": "11.7.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-11-13 18:15:00
nvd
nvd
CVE-2023-32123
2023-11-13 18:15:07
cvelist
cvelist
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.1%
Related for CVE-2023-32123