CVE Vulnerability

CVE-2023-0327

A vulnerability was found in saemorris TheRadSystem. It has been classified as problematic. Affected is an unknown function of the file users.php. The manipulation of the argument q leads to cross site scripting. It is possible to launch the attack remotely. VDB-218454 is the identifier assigned to this vulnerability.

6.1 /10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 2.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope CHANGED

References
Link Resource
https://vuldb.com/?ctiid.218454 Permissions Required Third Party Advisory
https://vuldb.com/?id.218454 Permissions Required Third Party Advisory
https://github.com/saemorris/TheRadSystem/commit/bfba26bd34af31648a11af35a0bb66f1948752a6 Patch Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:theradsystem_project:theradsystem:*:*:*:*:*:*:*:*
Information

Published : 2023-01-16 07:15

Updated : 2023-01-24 08:01

NVD link : CVE-2023-0327

Mitre link : CVE-2023-0327

Products Affected

Theradsystem Project

CWE
CWE-79