Lucene search

K
friendsofphpOpenJS FoundationFRIENDSOFPHP:SYMFONY:SYMFONY:CVE-2023-46735
HistoryNov 10, 2023 - 8:00 a.m.

CVE-2023-46735: Potential XSS in WebhookController

2023-11-1008:00:00
OpenJS Foundation
github.com
12
xss
webhookcontroller
symfony
cve-2023-46735
software

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

17.0%

Affected configurations

Vulners
Node
symfonysymfonyRange<6.3.8
VendorProductVersionCPE
symfonysymfony*cpe:2.3:a:symfony:symfony:*:*:*:*:*:*:*:*

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score

7.2

Confidence

Low

EPSS

0.001

Percentile

17.0%