Lucene search
GitHub Advisory DatabaseGHSA-7M8R-GMC3-3P4VHistoryApr 15, 2023 - 3:30 p.m.
alextselegidis/easyappointments vulnerable to Stored Cross-site Scripting
2023-04-1515:30:14
CWE-79
GitHub Advisory Database
github.com
12
easyappointments
stored cross-site scripting
vulnerable
patch
commit 46a865300e94c7031cc0e315d95d3e3e56768498
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.5%
alextselegidis/easyappointments is vulnerable to stored cross-site scripting in versions 1.4.3 and prior. A patch is available at commit 46a865300e94c7031cc0e315d95d3e3e56768498 and anticipated to be part of version 1.5.0.
Affected configurations
Node
alextselegidiseasyappointmentsRange≤1.4.3
| Vendor | Product | Version | CPE |
|---|---|---|---|
| alextselegidis | easyappointments | * | cpe:2.3:a:alextselegidis:easyappointments:*:*:*:*:*:*:*:* |
Related
prion
prion
Cross site scripting
2023-04-15 14:15:00
cve
cve
CVE-2023-2103
2023-04-15 14:15:07
veracode
veracode
Cross-Site Scripting (XSS)
2023-05-17 09:35:58
osv
osv
CVE-2023-2103
2023-04-15 14:15:07
alextselegidis/easyappointments vulnerable to Stored Cross-site Scripting
2023-04-15 15:30:14
huntr
huntr
Multiple XSS in Create/Update Funtion Version 1.4.3 and 1.5.0-dev.2
2023-03-28 16:00:35
nvd
nvd
CVE-2023-2103
2023-04-15 14:15:07
cvelist
cvelist
gitlab
gitlab
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
34.5%
Related for GHSA-7M8R-GMC3-3P4V