Lucene search
PRIOn knowledge basePRION:CVE-2023-42808HistoryOct 04, 2023 - 8:15 p.m.
Cross site scripting
2023-10-0420:15:00
PRIOn knowledge base
www.prio-n.com
6
mozilla common voice
cross-site scripting
reflected xss
security vulnerability
network request
public domain datasets
speech recognition
0.001 Low
EPSS
Percentile
20.8%
Common Voice is the web app for Mozilla Common Voice, a platform for collecting speech donations in order to create public domain datasets for training voice recognition-related tools. Version 1.88.2 is vulnerable to reflected Cross-Site Scripting given that user-controlled data flows to a path expression (path of a network request). This issue may lead to reflected Cross-Site Scripting (XSS) in the context of Common Voiceβs server origin. As of time of publication, it is unknown whether any patches or workarounds exist.
| CPE | Name | Operator | Version |
|---|---|---|---|
| common_voice | eq | 1.88.2 |
Related
cve
cve
CVE-2023-42808
2023-10-04 20:15:10
osv
osv
CVE-2023-42808
2023-10-04 20:15:10
cvelist
cvelist
CVE-2023-42808 Common Voice Cross-site Scripting vulnerability
2023-10-04 19:11:22
nvd
nvd
CVE-2023-42808
2023-10-04 20:15:10