CVE-2023-4157

🗓️ 04 Aug 2023 18:17:15Reported by @huntrdevType

CVE-2023-4157 CWE-74 in GitHub repo omeka/omeka-s prior to v4.0.

Reporter	Title	Published	Views	Family All 8
Huntr	HTML Injection Leads To Open Redirect	27 Jul 202319:57	–	huntr
Vulnrichment	CVE-2023-4157 Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s	4 Aug 202317:15	–	vulnrichment
OSV	CVE-2023-4157	4 Aug 202318:15	–	osv
OSV	omeka/omeka-s Improper Input Validation vulnerability	4 Aug 202318:30	–	osv
Prion	Design/Logic Flaw	4 Aug 202318:15	–	prion
Cvelist	CVE-2023-4157 Improper Neutralization of Special Elements in Output Used by a Downstream Component in omeka/omeka-s	4 Aug 202317:15	–	cvelist
NVD	CVE-2023-4157	4 Aug 202318:15	–	nvd
Github Security Blog	omeka/omeka-s Improper Input Validation vulnerability	4 Aug 202318:30	–	github

Nvd

Node

omeka omeka_sRange<4.0.3

[
  {
    "defaultStatus": "unaffected",
    "product": "omeka/omeka-s",
    "vendor": "omeka",
    "versions": [
      {
        "lessThan": "4.0.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/omeka/omeka-s/commit/8b72619d9731b32dd21ab6dcaa01ccc3bbf0db63
huntr	www.huntr.dev/bounties/abc3521b-1238-4c4e-97f1-2957db670014

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Aug 2023 18:15Current

5.1Medium risk

Vulners AI Score5.1

CVSS34.8 - 5.2

EPSS0.0026

SSVC

CWE-74