Lucene search
HistoryNov 13, 2023 - 5:15 p.m.
CVE-2023-39166
cve-2023-39166
csrf
tagdiv composer
xss
vulnerability
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Cross-Site Request Forgery (CSRF) vulnerability in tagDiv tagDiv Composer allows Cross-Site Scripting (XSS).This issue affects tagDiv Composer: from n/a before 4.4.
Affected configurations
Node
tagdivtagdiv_composerRange<4.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| tagdiv | tagdiv_composer | * | cpe:2.3:a:tagdiv:tagdiv_composer:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "tagDiv Composer",
"vendor": "tagDiv",
"versions": [
{
"changes": [
{
"at": "4.4",
"status": "unaffected"
}
],
"lessThan": "4.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site request forgery (csrf)
2023-11-13 17:15:00
cvelist
cvelist
nvd
nvd
CVE-2023-39166
2023-11-13 17:15:07
wordfence
wordfence
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
17.0%
Related for CVE-2023-39166