7 matches found
CVE-2023-2123 WP Inventory Manager < 2.1.0.13 - Reflected Cross-Site Scripting
The WP Inventory Manager WordPress plugin before 2.1.0.13 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2023-2123
CVE-2023-2123 affects the WordPress plugin WP Inventory Manager prior to version 2.1.0.13. The issue is an insufficient sanitization/escaping of a parameter before it is echoed on the page, causing a Reflected Cross-Site Scripting (XSS) . Impact is limited to unauthenticated users triggering XSS ...
Amazon Linux 2 : ImageMagick (ALAS-2023-2123)
The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2123 advisory. The upstream bug report describes this issue as follows:A vulnerability was found in ImageMagick =7.1.1, where heap-based...
CVE-2023-2123
creationtimestamp| type| source ---|---|--- 2023-05-12 12:48:37+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4337 2023-08-16 16:50:36+00:00| seen| https://t.me/cibsecurity/68647...
SUSE SLES12 Security Update : dnsmasq (SUSE-SU-2023:2123-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2123-1 advisory. - CVE-2023-28450: Fixed default maximum size for EDNS.0 UDP packets bsc1209358. Tenable has extracted the preceding description block direct...
WordPress WP Inventory Manager Plugin < 2.1.0.13 is vulnerable to Cross Site Scripting (XSS)
Software WP Inventory Manager Type Plugin Vulnerable versions 2.1.0.13 Fixed in 2.1.0.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2123 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 4a822a5456e3 Credits daniloalbuqrq...
Exploit for CVE-2023-2123
Update - 5/10/2023 The CVE-2023-2123 ID was reserved and the P...