Lucene search
MitreCVE-2023-39599HistoryAug 22, 2023 - 7:16 p.m.
CVE-2023-39599
2023-08-2219:16:39
CWE-79
mitre
web.nvd.nist.gov
12
cve-2023-39599
cross-site scripting
xss vulnerability
csz cms
nvd
security
arbitrary code execution
crafted payload
social settings parameter
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
26.9%
Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.
Affected configurations
Node
cszcmscsz_cmsMatch1.3.0
Related
nvd
nvd
CVE-2023-39599
2023-08-22 19:16:39
prion
prion
Cross site scripting
2023-08-22 19:16:00
cvelist
cvelist
CVE-2023-39599
2023-08-22 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
26.9%
Related for CVE-2023-39599