Lucene search
+L

4 matches found

CVE
CVE
added 2023/03/05 12:0 a.m.62 views

CVE-2023-22438

CVE-2023-22438 is a cross-site scripting vulnerability in EC-CUBE’s Contents Management across multiple series (EC-CUBE 4.0.0–4.0.6-p2, 4.1.0–4.1.2-p1, 4.2.0; 3.x up to 3.0.18-p5; 2.x up to 2.17.2). The root cause is a stored/reflected XSS in the contents management interface that allows a remote...

5.4CVSS5.2AI score0.00692EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/05 12:0 a.m.7 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.5AI score0.00692EPSS
Exploits0References4
OSV
OSV
added 2023/03/05 12:0 a.m.24 views

CVE-2023-22438

Cross-site scripting vulnerability in Contents Management of EC-CUBE 4 series EC-CUBE 4.0.0 to 4.0.6-p2, EC-CUBE 4.1.0 to 4.1.2-p1, and EC-CUBE 4.2.0, EC-CUBE 3 series EC-CUBE 3.0.0 to 3.0.18-p5, and EC-CUBE 2 series EC-CUBE 2.11.0 to 2.11.5, EC-CUBE 2.12.0 to 2.12.6, EC-CUBE 2.13.0 to 2.13.5, an...

5.4CVSS6.5AI score0.00692EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2023/02/28 12:0 a.m.34 views

JVN#04785663: Multiple cross-site scripting vulnerabilities in EC-CUBE

EC-CUBE provided by EC-CUBE CO.,LTD. contains multiple cross-site scripting vulnerabilities listed below. Cross-site scripting vulnerability in Contents Management CWE-79 - CVE-2023-22438 Version| Vector| Score ---|---|--- CVSS v3| CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N| Base Score: 5.4 CVS...

5.4CVSS6AI score0.00692EPSS
Exploits0
Rows per page
Query Builder