Lucene search
PRIOn knowledge basePRION:CVE-2023-2398HistoryJun 12, 2023 - 6:15 p.m.
Cross site scripting
2023-06-1218:15:00
PRIOn knowledge base
www.prio-n.com
3
icegram engage
cross-site scripting
reflected
wordpress
attribute
high privilege users
admin
0.001 Low
EPSS
Percentile
23.1%
The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
| CPE | Name | Operator | Version |
|---|---|---|---|
| icegram_engage | lt | 3.1.12 |
Related
cvelist
cvelist
CVE-2023-2398 Icegram Engage < 3.1.12 - Reflected XSS
2023-06-12 17:28:22
wpexploit
wpexploit
Icegram Engage < 3.1.12 - Reflected XSS
2023-05-22 00:00:00
wpvulndb
wpvulndb
Icegram Engage < 3.1.12 - Reflected XSS
2023-05-22 00:00:00
nvd
nvd
CVE-2023-2398
2023-06-12 18:15:10
cve
cve
CVE-2023-2398
2023-06-12 18:15:10