Lucene search
TR-CERTCVE-2023-0577HistoryMar 03, 2023 - 7:15 a.m.
CVE-2023-0577
2023-03-0307:15:08
CWE-79
TR-CERT
web.nvd.nist.gov
27
cve-2023-0577
cross-site scripting
xss
asos
sobiad
information technologies
security vulnerability
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.0%
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in ASOS Information Technologies SOBIAD allows Cross-Site Scripting (XSS).This issue affects SOBIAD: before 23.02.01.
Affected configurations
Node
asosegitimsobiadRange<23.02.01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| asosegitim | sobiad | * | cpe:2.3:a:asosegitim:sobiad:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "SOBIAD",
"vendor": "ASOS Information Technologies",
"versions": [
{
"lessThan": "23.01.05",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]References
Related
cvelist
cvelist
CVE-2023-0577 Multiple XSS in ASOS Information Technologies' Sobiad
2023-03-03 06:55:44
prion
prion
Cross site scripting
2023-03-03 07:15:00
nvd
nvd
CVE-2023-0577
2023-03-03 07:15:08
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
31.0%
Related for CVE-2023-0577