CVE-2023-28475 Vulnerability Details
/
/
/
CVE-2023-28475 Metadata Quick Info
CVE Published: 28/04/2023 |
CVE Updated: 02/08/2024 |
CVE Year: 2023
Source: mitre |
Vendor: n/a |
Product: n/a
Status : PUBLISHED
CVE-2023-28475 Description
Concrete CMS (previously concrete5) versions 8.5.12 and below, and versions 9.0 through 9.1.3 is vulnerable to Reflected XSS on the Reply form because msgID was not sanitized.
Metrics
CVSS Version: 3.1 |
Base Score: n/a
Vector: n/a
l➤ Exploitability Metrics:
Attack Vector (AV)*
Attack Complexity (AC)*
Privileges Required (PR)*
User Interaction (UI)*
Scope (S)*
l➤ Impact Metrics:
Confidentiality Impact (C)*
Integrity Impact (I)*
Availability Impact (A)*
Weakness Enumeration (CWE)
CWE-ID:
CWE Name: n/a
Source: n/a
Common Attack Pattern Enumeration and Classification (CAPEC)
CAPEC-ID:
CAPEC Description: