Lucene search
+L

114 matches found

Prion
Prion
added 2023/08/31 1:15 a.m.17 views

Server side request forgery (ssrf)

Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.6CVSS5.5AI score0.00349EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/08/31 1:15 a.m.13 views

Cross site scripting

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...

4CVSS6AI score0.00408EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/08/31 1:15 a.m.18 views

Cross site scripting

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

6CVSS5.3AI score0.00438EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/08/31 1:15 a.m.15 views

Session fixation

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...

4CVSS5.5AI score0.00368EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.12 views

CVE-2023-4655 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.3CVSS6.1AI score0.00408EPSS
Exploits1References2
CVE
CVE
added 2023/08/31 12:0 a.m.39 views

CVE-2023-4655

CVE-2023-4655 affects instantsoft/icms2 prior to 2.16.1, described as a reflected Cross-site Scripting (XSS) in the web UI. The vulnerability arises from input that is echoed in responses, enabling script execution in a user’s browser. No explicit exploitation status is provided in the initial/co...

6.1CVSS4.8AI score0.00408EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/08/31 12:0 a.m.18 views

CVE-2023-4655 Cross-site Scripting (XSS) - Reflected in instantsoft/icms2

Cross-site Scripting XSS - Reflected in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.3CVSS4.7AI score0.00408EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.9 views

CVE-2023-4652 Cross-site Scripting (XSS) - Stored in instantsoft/icms2

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

6.8CVSS6AI score0.00438EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.18 views

CVE-2023-4653 Cross-site Scripting (XSS) - Stored in instantsoft/icms2

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

5.9CVSS6AI score0.00426EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.12 views

CVE-2023-4649 Session Fixation in instantsoft/icms2

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.3CVSS6.8AI score0.00368EPSS
Exploits1References2
OSV
OSV
added 2023/08/31 12:0 a.m.19 views

CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2

Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...

6.4CVSS6.2AI score0.00349EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.10 views

CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2

Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...

6.4CVSS6.8AI score0.00349EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/08/31 12:0 a.m.15 views

CVE-2023-4650 Improper Access Control in instantsoft/icms2

Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.7CVSS6.8AI score0.00453EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/31 12:0 a.m.38 views

CVE-2023-4649 Session Fixation in instantsoft/icms2

Session Fixation in GitHub repository instantsoft/icms2 prior to 2.16.1...

4.3CVSS5.7AI score0.00368EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/31 12:0 a.m.26 views

CVE-2023-4651 Server-Side Request Forgery (SSRF) in instantsoft/icms2

Server-Side Request Forgery SSRF in GitHub repository instantsoft/icms2 prior to 2.16.1...

6.4CVSS5.8AI score0.00349EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/31 12:0 a.m.38 views

CVE-2023-4652 Cross-site Scripting (XSS) - Stored in instantsoft/icms2

Cross-site Scripting XSS - Stored in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

6.8CVSS5.5AI score0.00438EPSS
Exploits1References2
CVE
CVE
added 2023/08/31 12:0 a.m.37 views

CVE-2023-4652

CVE-2023-4652 is a stored Cross-site Scripting (XSS) vulnerability affecting instantsoft/icms2 releases prior to 2.16.1-git. Multiple sources confirm the issue is a stored XSS in icms2, with exploitation via attacker-supplied input that can induce script execution in an affected user’s browser. P...

6.8CVSS5.6AI score0.00438EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/08/31 12:0 a.m.37 views

CVE-2023-4653

CVE-2023-4653 is a stored XSS vulnerability in instantsoft/icms2 prior to 2.16.1-git. The Red Hat and CVE records corroborate stored XSS in icms2, affecting versions before 2.16.1-git. The issue stems from input handling in the affected module (admin/comments path in the Huntr PoC reference), ena...

5.9CVSS5.1AI score0.00426EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/08/31 12:0 a.m.38 views

CVE-2023-4651

CVE-2023-4651 describes a Server-Side Request Forgery (SSRF) in instantsoft/icms2 prior to 2.16.1. Affected component: icms2 server handling image/url fetches. Root cause: SSRF in how URLs are processed, allowing the server to make unintended requests. Impact: as described by the sources, potenti...

6.4CVSS5.6AI score0.00349EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/08/31 12:0 a.m.34 views

CVE-2023-4650

CVE-2023-4650 affects instantsoft/icms2 prior to 2.16.1-git and is described as improper access control in the admin account management functionality. Connected sources confirm an admin account takeover/vector exists: a PoC demonstrates an authenticated admin can change other admins’ passwords, e...

4.7CVSS4.7AI score0.00453EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder