Lucene search
HistoryAug 08, 2023 - 7:15 p.m.
CVE-2023-39518
social media
skeleton
php
mysql
css
javascript
html
stored xss
vulnerability
patch
nvd
cve-2023-39518
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.3%
social-media-skeleton is an uncompleted social media project implemented using PHP, MySQL, CSS, JavaScript, and HTML. Versions 1.0.0 until 1.0.3 have a stored cross-site scripting vulnerability. The problem is patched in v1.0.3.
Affected configurations
Node
fobybussocial-media-skeletonRange1.0.0–1.0.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fobybus | social\-media\-skeleton | * | cpe:2.3:a:fobybus:social\-media\-skeleton:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "fobybus",
"product": "social-media-skeleton",
"versions": [
{
"version": ">= 1.0.0, < 1.0.3",
"status": "affected"
}
]
}
]Related
huntr
huntr
Multiple Stored XSS Found
2023-08-05 14:12:25
nvd
nvd
CVE-2023-39518
2023-08-08 19:15:10
cvelist
cvelist
osv
osv
CVE-2023-39518
2023-08-08 19:15:10
prion
prion
Cross site scripting
2023-08-08 19:15:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.3%
Related for CVE-2023-39518