Lucene search
Veracode Vulnerability DatabaseVERACODE:44098HistoryNov 02, 2023 - 5:54 a.m.
Cross-site Scripting (XSS)
2023-11-0205:54:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
evolutioncms
cross-site scripting
vulnerability
CVSS3
5.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
evolutioncms/evolution is vulnerable to Cross-site Scripting (XSS). An attacker could exploit this vulnerability by injecting a crafted payload into the cmsadmin, cmsadminemail, cmspassword and cmspasswordconfim parameters, resulting in XSS.
Related
osv
osv
CVE-2023-43340
2023-10-19 23:15:08
Evolution CMS Cross-site Scripting vulnerability
2023-10-20 00:30:25
github
github
Evolution CMS Cross-site Scripting vulnerability
2023-10-20 00:30:25
vulnrichment
vulnrichment
CVE-2023-43340
2023-10-19 00:00:00
cve
cve
CVE-2023-43340
2023-10-19 23:15:08
cvelist
cvelist
CVE-2023-43340
2023-10-19 00:00:00
prion
prion
Cross site scripting
2023-10-19 23:15:00
nvd
nvd
CVE-2023-43340
2023-10-19 23:15:08
CVSS3
5.2
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
AI Score
6.5
Confidence
High
EPSS
0
Percentile
5.1%
Related for VERACODE:44098