CVE-2023-43873

2023-09-2800:00:00

mitre

www.cve.org

cross site scripting

e017 cms

local attacker

arbitrary code

crafted script

manage menu

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

20.2%

JSON

A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu.

References

github.com/sromanhu/e107-CMS-Stored-XSS---Manage/blob/main/README.md