Lucene search
HistoryDec 28, 2023 - 6:15 a.m.
CVE-2023-49469
cve
2023
49469
reflected cross site scripting
xss
shaarli
v0.12.2
nvd
security vulnerability
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
32.3%
Reflected Cross Site Scripting (XSS) vulnerability in Shaarli v0.12.2, allows remote attackers to execute arbitrary code via search tag function.
Affected configurations
Node
shaarli_projectshaarliMatch0.12.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| shaarli_project:shaarli | shaarli project shaarli | eq | 0.12.2 |
Related
nvd
nvd
CVE-2023-49469
2023-12-28 06:15:44
debiancve
debiancve
CVE-2023-49469
2023-12-28 06:15:44
ubuntucve
ubuntucve
CVE-2023-49469
2023-12-28 00:00:00
prion
prion
Cross site scripting
2023-12-28 06:15:00
cvelist
cvelist
CVE-2023-49469
2023-12-28 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
32.3%
Related for CVE-2023-49469