Lucene search
JpcertCVE-2023-39543HistoryAug 21, 2023 - 9:15 a.m.
CVE-2023-39543
2023-08-2109:15:09
CWE-79
jpcert
web.nvd.nist.gov
28
cve-2023-39543
cross-site scripting
vulnerability
luxcal web calendar
mysql
sqlite
remote attacker
arbitrary script
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
53.1%
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product.
Affected configurations
Node
luxsoftluxcal_web_calendarRange<5.2.3m
Node
luxsoftluxcal_web_calendarRange<5.2.3l
| Vendor | Product | Version | CPE |
|---|---|---|---|
| luxsoft | luxcal_web_calendar | * | cpe:2.3:a:luxsoft:luxcal_web_calendar:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "LuxSoft ",
"product": "LuxCal Web Calendar",
"versions": [
{
"version": "prior to 5.2.3M (MySQL version)",
"status": "affected"
}
]
},
{
"vendor": "LuxSoft ",
"product": "LuxCal Web Calendar",
"versions": [
{
"version": "prior to 5.2.3L (SQLite version)",
"status": "affected"
}
]
}
]Related
cvelist
cvelist
CVE-2023-39543
2023-08-21 08:14:05
prion
prion
Cross site scripting
2023-08-21 09:15:00
nvd
nvd
CVE-2023-39543
2023-08-21 09:15:09
sqlite
sqlite
SQLite report about CVE-2023-39543
2023-01-01 00:00:00
jvn
jvn
JVN#04876736: Multiple vulnerabilities in LuxCal Web Calendar
2023-08-21 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
53.1%
Related for CVE-2023-39543