Lucene search

TR-CERTCVELIST:CVE-2023-3653

HistoryAug 08, 2023 - 2:42 p.m.

CVE-2023-3653 Stored XSS in Digital Ant E-Commerce Software

2023-08-0814:42:18

CWE-79

TR-CERT

www.cve.org

digital ant

e-commerce software

stored xss

web page generation

vulnerability

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

14.0%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Digital Ant E-Commerce Software allows Stored XSS.This issue affects E-Commerce Software: before 11.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "E-Commerce Software",
    "vendor": "Digital Ant",
    "versions": [
      {
        "lessThan": "11",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

https://www.usom.gov.tr/bildirim/tr-23-0443