Lucene search

CVE-2023-40176

🗓️ 23 Aug 2023 20:08:15Reported by GoogleType

osv🔗 osv.dev👁 12 Views

XWiki Platform stored XSS through time zone user preference

Reporter	Title	Published	Views	Family All 8
Prion	Design/Logic Flaw	23 Aug 202320:15	–	prion
Vulnrichment	CVE-2023-40176 SXSS in the user profile via the timezone displayer	23 Aug 202319:33	–	vulnrichment
Cvelist	CVE-2023-40176 SXSS in the user profile via the timezone displayer	23 Aug 202319:33	–	cvelist
OSV	XWiki Platform Stored Cross-site Scripting in the user profile via the timezone displayer	21 Aug 202319:59	–	osv
Github Security Blog	XWiki Platform Stored Cross-site Scripting in the user profile via the timezone displayer	21 Aug 202319:59	–	github
CVE	CVE-2023-40176	23 Aug 202320:15	–	cve
NVD	CVE-2023-40176	23 Aug 202320:15	–	nvd
OpenVAS	XWiki 4.1-milestone-2 < 14.10.5 XSS Vulnerability (GHSA-h8cm-3v5f-rgp6)	24 Aug 202300:00	–	openvas

Source	Link
github	www.github.com/xwiki/xwiki-platform/security/advisories/GHSA-h8cm-3v5f-rgp6
jira	www.jira.xwiki.org/browse/XWIKI-7847
github	www.github.com/xwiki/xwiki-platform/commit/d11ca5d781f8a42a85bc98eb82306c1431e764d4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Aug 2023 20:15Current

6Medium risk

Vulners AI Score6

CVSS35.4 - 9

EPSS0.00065

SSVC