exploitDog

CVE-2023-37742

Опубликовано: 21 июл. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

WebBoss.io CMS before v3.7.0.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.

Ссылки

https://webboss.feedbear.com/updates
Release Notes
https://webboss.io/page/bughunter-acknowledgments.html
Vendor Advisory
https://www.realinfosec.net/advisories/WEBBOSS-XSS-2022-0xd3fcf.html
Third Party Advisory
https://webboss.feedbear.com/updates
Release Notes
https://webboss.io/page/bughunter-acknowledgments.html
Vendor Advisory
https://www.realinfosec.net/advisories/WEBBOSS-XSS-2022-0xd3fcf.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:webboss:webboss.io_cms:*:*:*:*:*:*:*:*

Версия до 3.7.0.1 (исключая)

EPSS

Процентиль: 66%

0.00506

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-2hwr-fcr9-mg7v

CVSS3: 6.1

github

больше 2 лет назад

WebBoss.io CMS before v3.6.8.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.

EPSS

Процентиль: 66%

0.00506

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79