CVE-2023-36163

Опубликовано: 11 июл. 2023

Источник: nvd

CVSS3: 6.1

EPSS Средний

Описание

Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL.

Ссылки

http://packetstormsecurity.com/files/173366/BuildaGate5-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
http://www.levi-coins.co.il/BuildaGate5/general2/company_search_tree.php?SiteName=levicoins
Not Applicable
http://www.misdar-jabo.org/BuildaGate5/general2/company_search_tree.php?NewNameMade=0&SiteName=misdar&lan=en&EnterDefault=&Referral=tree&BuyerID=104732450&Clubtmp1=&SearchTop=
Broken Link
https://afula.libraries.co.il/BuildaGate5library/general2/company_search_tree.php?mc=0
Broken Link
https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31
Third Party Advisory
http://packetstormsecurity.com/files/173366/BuildaGate5-Cross-Site-Scripting.html
Exploit
Third Party Advisory
VDB Entry
http://www.levi-coins.co.il/BuildaGate5/general2/company_search_tree.php?SiteName=levicoins
Not Applicable
http://www.misdar-jabo.org/BuildaGate5/general2/company_search_tree.php?NewNameMade=0&SiteName=misdar&lan=en&EnterDefault=&Referral=tree&BuyerID=104732450&Clubtmp1=&SearchTop=
Broken Link
https://afula.libraries.co.il/BuildaGate5library/general2/company_search_tree.php?mc=0
Broken Link
https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:buildagate_project:buildagate:5:*:*:*:*:*:*:*

EPSS

Процентиль: 94%

0.13243

Средний

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-c67w-fmjh-642r