Lucene search

K
cvelistJpcertCVELIST:CVE-2023-27925
HistoryMay 23, 2023 - 12:00 a.m.

CVE-2023-27925

2023-05-2300:00:00
jpcert
www.cve.org
6
cross-site scripting
remote attacker
arbitrary script injection
vk blocks

EPSS

0.001

Percentile

44.5%

Cross-site scripting vulnerability in Post function of VK Blocks 1.53.0.1 and earlier and VK Blocks Pro 1.53.0.1 and earlier allows a remote authenticated attacker to inject an arbitrary script.

CNA Affected

[
  {
    "vendor": "Vektor,Inc.",
    "product": "VK Blocks and VK Blocks Pro",
    "versions": [
      {
        "version": "VK Blocks 1.53.0.1 and earlier, and VK Blocks Pro 1.53.0.1 and earlier",
        "status": "affected"
      }
    ]
  }
]

EPSS

0.001

Percentile

44.5%

Related for CVELIST:CVE-2023-27925