Lucene search
HistoryNov 14, 2023 - 6:15 a.m.
CVE-2023-45879
gibbonedu version 25.0.0
html injection
messager component
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
GibbonEdu Gibbon version 25.0.0 allows HTML Injection via an IFRAME element to the Messager component.
Affected configurations
Node
gibbonedugibbonRange≤25.0.00
Related
cve
cve
CVE-2023-45879
2023-11-14 06:15:29
prion
prion
Design/Logic Flaw
2023-11-14 06:15:00
cvelist
cvelist
CVE-2023-45879
2023-11-14 00:00:00
osv
osv
CVE-2023-45879
2023-11-14 06:15:29
vulnrichment
vulnrichment
CVE-2023-45879
2023-11-14 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0
Percentile
14.0%
Related for NVD:CVE-2023-45879