Lucene search

K

GoogleOSV:CVE-2023-25241

HistoryFeb 13, 2023 - 9:15 p.m.

CVE-2023-25241

2023-02-1321:15:15

Google

osv.dev

6

bgerp

v22.31

reflected xss

search parameter

vulnerability

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.8%

bgERP v22.31 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Search parameter.

References

github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/bgERP/2023/bgERP-v22.31-Cookie-Session-vulnerability%2BXSS-Reflected

portswigger.net/kb/issues/00500b01_cookie-manipulation-reflected-dom-based

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

30.8%

Related for OSV:CVE-2023-25241

prion1 cvelist1 nvd1 cve1