exploitDog

CVE-2023-34423

Опубликовано: 03 апр. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Survey Maker prior to 3.6.4 contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product with the administrative privilege.

Ссылки

https://jvn.jp/en/jp/JVN51098626/
Third Party Advisory
https://wordpress.org/plugins/survey-maker/
Product
https://jvn.jp/en/jp/JVN51098626/
Third Party Advisory
https://wordpress.org/plugins/survey-maker/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ays-pro:survey_maker:*:*:*:*:*:wordpress:*:*

Версия до 3.6.4 (исключая)

EPSS

Процентиль: 48%

0.00245

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-ph95-6589-h2hv

CVSS3: 6.1

github

почти 2 года назад

Survey Maker prior to 3.6.4 contains a stored cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in to the website using the product with the administrative privilege.

EPSS

Процентиль: 48%

0.00245

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79