Lucene search

K
nvd[email protected]NVD:CVE-2023-48317
HistoryNov 30, 2023 - 5:15 p.m.

CVE-2023-48317

2023-11-3017:15:11
CWE-79
web.nvd.nist.gov
cve-2023-48317
improper neutralization of input
web page generation
cross-site scripting
vikas vatsa display custom post
stored xss

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

14.0%

Improper Neutralization of Input During Web Page Generation (β€˜Cross-site Scripting’) vulnerability in Vikas Vatsa Display Custom Post allows Stored XSS.This issue affects Display Custom Post: from n/a through 2.2.1.

Affected configurations

NVD
Node
vikasvatsadisplay_custom_postRange≀2.2.1wordpress

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

14.0%

Related for NVD:CVE-2023-48317