Lucene search

[email protected]NVD:CVE-2023-6673

HistoryFeb 02, 2024 - 1:15 p.m.

CVE-2023-6673

2024-02-0213:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cybermath

input neutralization

cross-site scripting

cve-2023-6673

national keep cyber security services

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

17.0%

JSON

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in National Keep Cyber Security Services CyberMath allows Reflected XSS.This issue affects CyberMath: from v.1.4 before v.1.5.

Affected configurations

Nvd

Node

nationalkeepcybermathMatch1.4

VendorProductVersionCPE
nationalkeepcybermath1.4cpe:2.3:a:nationalkeep:cybermath:1.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
nationalkeep	cybermath	1.4	cpe:2.3:a:nationalkeep:cybermath:1.4:::::::*

References

www.usom.gov.tr/bildirim/tr-24-0080

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

17.0%

JSON

Related for NVD:CVE-2023-6673

cvelist1 vulnrichment1 cve1 prion1