Lucene search
Veracode Vulnerability DatabaseVERACODE:43358HistorySep 22, 2023 - 10:18 a.m.
Cross Site Scripting
2023-09-2210:18:13
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
xss
vulnerability
xdsoft.net
rich text editor
client side
javascript
injection
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.1%
xdsoft.net is vulnerable to Cross Site Scripting vulnerability. The vulnerability is due to improper sanitization of user input in the rich text editor component. This can be exploited by the attacker by injecting malicious input to execute Javascript on client side.
Related
nvd
nvd
CVE-2023-42399
2023-09-19 04:15:55
cvelist
cvelist
CVE-2023-42399
2023-09-19 00:00:00
cve
cve
CVE-2023-42399
2023-09-19 04:15:55
github
github
Jodit Editor vulnerable to cross-site scripting
2023-09-19 06:30:17
osv
osv
Jodit Editor vulnerable to cross-site scripting
2023-09-19 06:30:17
prion
prion
Cross site scripting
2023-09-19 04:15:00
vulnrichment
vulnrichment
CVE-2023-42399
2023-09-19 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
46.1%
Related for VERACODE:43358