Lucene search
MitreCVE-2023-29638HistoryMay 01, 2023 - 4:15 p.m.
CVE-2023-29638
2023-05-0116:15:11
CWE-79
mitre
web.nvd.nist.gov
19
cve-2023-29638
xss
winterchens my-site
web script injection
html injection
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
23.5%
Cross Site Scripting (XSS) vulnerability in WinterChenS my-site before commit 3f0423da6d5200c7a46e200da145c1f54ee18548, allows attackers to inject arbitrary web script or HTML via editing blog articles.
Affected configurations
Node
winterchenmy-siteRange<2023-03-30
| Vendor | Product | Version | CPE |
|---|---|---|---|
| winterchen | my-site | * | cpe:2.3:a:winterchen:my-site:*:*:*:*:*:*:*:* |
References
Related
prion
prion
Cross site scripting
2023-05-01 16:15:00
cvelist
cvelist
CVE-2023-29638
2023-05-01 00:00:00
nvd
nvd
CVE-2023-29638
2023-05-01 16:15:11
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
23.5%
Related for CVE-2023-29638