Lucene search

[email protected]CVE-2023-44174

HistorySep 28, 2023 - 10:15 p.m.

CVE-2023-44174

2023-09-2822:15:10

CWE-79

[email protected]

web.nvd.nist.gov

cve-2023-44174

online movie ticket booking system v1.0

authenticated

stored

cross-site scripting

vulnerability

nvd

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

14.2%

JSON

Online Movie Ticket Booking System v1.0 is vulnerable to

an authenticated Stored Cross-Site Scripting vulnerability.

Affected configurations

NVD

Node

projectworldsonline_movie_ticket_booking_systemMatch1.0

CPENameOperatorVersion
projectworlds:online_movie_ticket_booking_systemprojectworlds online movie ticket booking systemeq1.0

CPE	Name	Operator	Version
projectworlds:online_movie_ticket_booking_system	projectworlds online movie ticket booking system	eq	1.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Online Movie Ticket Booking System",
    "vendor": "Online Movie Ticket Booking System",
    "versions": [
      {
        "status": "affected",
        "version": "1.0"
      }
    ]
  }
]

References

fluidattacks.com/advisories/mccartney

projectworlds.in/

6.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

0.0004 Low

EPSS

Percentile

14.2%

JSON

Related for CVE-2023-44174

prion1 cvelist1 nvd1