Lucene search
K

6 matches found

OSV
OSV
added 2024/01/31 3:12 p.m.21 views

BIT-CIVICRM-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS5.2AI score0.02537EPSS
Exploits4References2
Prion
Prion
added 2023/05/23 1:15 a.m.15 views

Cross site scripting

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

4.9CVSS5.4AI score0.02537EPSS
Exploits4References2Affected Software1
Debian CVE
Debian CVE
added 2023/05/23 12:0 a.m.38 views

CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS5.3AI score0.02537EPSS
Exploits4
Cvelist
Cvelist
added 2023/05/23 12:0 a.m.39 views

CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.5AI score0.02537EPSS
Exploits4References2
UbuntuCve
UbuntuCve
added 2023/05/23 12:0 a.m.14 views

CVE-2023-25440

Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...

5.4CVSS6.4AI score0.02537EPSS
Exploits4References3
CVE
CVE
added 2023/05/23 12:0 a.m.66 views

CVE-2023-25440

CVE-2023-25440 affects CiviCRM 5.59.alpha1. The vulnerability is a Stored Cross-Site Scripting (XSS) in the Add Contact function, exploitable via the first/second name fields, enabling an attacker to execute arbitrary scripts when the page loads. Multiple connected sources confirm the issue and r...

5.4CVSS5.3AI score0.02537EPSS
Exploits4References2Affected Software1
Rows per page
Query Builder