Lucene search
HistoryOct 21, 2023 - 1:15 a.m.
CVE-2023-38194
xss
superwebmailer
vulnerability
nvd
cve-2023-38194
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
30.9%
An issue was discovered in SuperWebMailer 9.00.0.01710. It allows keepalive.php XSS via a GET parameter.
Affected configurations
Node
superwebmailersuperwebmailerMatch9.00.0.01710
| CPE | Name | Operator | Version |
|---|---|---|---|
| superwebmailer:superwebmailer | superwebmailer | eq | 9.00.0.01710 |
Related
nvd
nvd
CVE-2023-38194
2023-10-21 01:15:08
cvelist
cvelist
CVE-2023-38194
2023-10-21 00:00:00
nuclei
nuclei
SuperWebMailer - Cross-Site Scripting
2024-06-07 10:19:17
prion
prion
Design/Logic Flaw
2023-10-21 01:15:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
30.9%
Related for CVE-2023-38194