CVE-2023-46495 | EverShop NPM up to 1.0.0-rc.7 Request sortBy cross site scripting

Inserito da Angelo Barbosa | Dic 8, 2023 | CVE

A vulnerability, which was classified as problematic, was found in EverShop NPM up to 1.0.0-rc.7. Affected is an unknown function of the component Request Handler. The manipulation of the argument sortBy leads to cross site scripting.

This vulnerability is traded as CVE-2023-46495. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-46495 | EverShop NPM up to 1.0.0-rc.7 Request sortBy cross site scripting

Post correlati

CVE-2024-2330 | Netentsec NS-ASG Application Security Gateway 6.3 /protocol/index.php IPAddr sql injection

CVE-2024-6498 | Collect.chat Chatbot Plugin up to 2.4.3 on WordPress Setting cross site scripting

CVE-2024-37234 | Kodezen Limited Academy LMS Plugin up to 2.0.4 on WordPress redirect

CVE-2023-49433 | Tenda AX9 22.03.01.46 SetVirtualServerCfg list stack-based overflow