Lucene search

PRIOn knowledge basePRION:CVE-2023-36223

HistoryJul 03, 2023 - 9:15 p.m.

Cross site scripting

2023-07-0321:15:00

PRIOn knowledge base

www.prio-n.com

mlogclub

bbs-go

cross-site scripting

vulnerability

remote code execution

crafted payload

5.7 Medium

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.4%

JSON

Cross Site Scripting vulnerability in mlogclub bbs-go v. 3.5.5. and before allows a remote attacker to execute arbitrary code via a crafted payload to the announcements parameter in the settings function.

CPENameOperatorVersion
bbs-gole3.5.5

CPE	Name	Operator	Version
	bbs-go	le	3.5.5

References

bbs-go.com

github.com/mlogclub/bbs-go

github.com/mlogclub/bbs-go/issues/208