CVE-2023-5378

🗓️ 29 Jan 2024 11:11:11Reported by CERT-PLType

Improper Input Validation in MegaBIP & SmodBIP software allows Stored XSS

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2023-5378	29 Jan 202413:21	–	circl
CNNVD	MegaBIP Cross-Site Scripting Vulnerability	29 Jan 202400:00	–	cnnvd
Cvelist	CVE-2023-5378 Stored XSS in SmodBIP and MegaBIP	29 Jan 202411:11	–	cvelist
EUVD	EUVD-2023-57694	3 Oct 202520:07	–	euvd
NVD	CVE-2023-5378	29 Jan 202412:15	–	nvd
OSV	CVE-2023-5378	29 Jan 202412:15	–	osv
Prion	Input validation	29 Jan 202412:15	–	prion
Positive Technologies	PT-2024-14791 · Smodbip +1 · Smodbip +1	29 Jan 202400:00	–	ptsecurity
Vulnrichment	CVE-2023-5378 Stored XSS in SmodBIP and MegaBIP	29 Jan 202411:11	–	vulnrichment

NVD

Vulners

Node

megabip megabipRange≤4.36.2

smod smodbipRange≤2.21

[
  {
    "defaultStatus": "unknown",
    "product": "MegaBIP",
    "repo": "https://megabip.pl/pobierz/1",
    "vendor": "Jan Syski",
    "versions": [
      {
        "lessThanOrEqual": "4.36.2",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThan": "*",
        "status": "unaffected",
        "version": "5.08",
        "versionType": "semver"
      }
    ]
  },
  {
    "defaultStatus": "affected",
    "product": "SmodBIP",
    "repo": "https://smod.pl/pliki/smodbip221.zip",
    "vendor": "Jan Syski",
    "versions": [
      {
        "lessThan": "*",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
megabip	www.megabip.pl/
smod	www.smod.pl/
cert	www.cert.pl/posts/2023/12/CVE-2023-5378
cert	www.cert.pl/en/posts/2023/12/CVE-2023-5378

21 Nov 2024 08:41Current

5.9Medium risk

Vulners AI Score5.9

CVSS 3.15.4 - 8.8

EPSS0.00115

SSVC

CWE-79