Lucene search

[email protected]NVD:CVE-2023-39115

HistoryAug 16, 2023 - 3:15 p.m.

CVE-2023-39115

2023-08-1615:15:11

CWE-434

[email protected]

web.nvd.nist.gov

cve-2023-39115

install

aiz-uploader

upload

campcodes

online

matrimonial

website

system

script

xss

crafted

svg

document

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

install/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.

Affected configurations

NVD

Node

campcodescomplete_online_matrimonial_website_system_scriptMatch3.3

References

packetstormsecurity.com/files/173950/Campcodes-Online-Matrimonial-Website-System-3.3-Cross-Site-Scripting.html

github.com/Raj789-sec/CVE-2023-39115

www.campcodes.com/projects/php/online-matrimonial-website-system-script-in-php/

www.exploit-db.com/exploits/51656

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.9%

JSON

Related for NVD:CVE-2023-39115

prion1 cve1 zdt1 cvelist1 packetstorm1 exploitdb1