exploitDog

CVE-2023-23756

Опубликовано: 11 июл. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

Ссылки

https://extensions.joomla.org/vulnerable-extensions/vulnerable/one-vote-1-7-xss-cross-site-scripting/
Third Party Advisory
https://extensions.joomla.org/vulnerable-extensions/vulnerable/one-vote-1-7-xss-cross-site-scripting/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:advcomsys:onevote\!:1.7:*:*:*:*:joomla\!:*:*

EPSS

Процентиль: 24%

0.0008

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-p5fh-fh5q-gpgf

CVSS3: 6.1

github

больше 2 лет назад

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in advcomsys.com oneVote component for Joomla. It allows XSS Targeting Non-Script Elements.

EPSS

Процентиль: 24%

0.0008

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79