Lucene search

K
cve[email protected]CVE-2023-3652
HistoryAug 08, 2023 - 3:15 p.m.

CVE-2023-3652

2023-08-0815:15:10
CWE-79
web.nvd.nist.gov
22
cve-2023-3652
reflected xss
digital ant
e-commerce software
vulnerability
nvd

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.0%

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Digital Ant E-Commerce Software allows Reflected XSS.This issue affects E-Commerce Software: before 11.

Affected configurations

NVD
Node
digital-antdigital_antRange<11

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "E-Commerce Software",
    "vendor": "Digital Ant",
    "versions": [
      {
        "lessThan": "11",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.0005 Low

EPSS

Percentile

17.0%

Related for CVE-2023-3652