CVE-2023-47379

MEDIUM5.4EPSS 0.16%

Microweber Cross-site Scripting vulnerability

Published: 11/8/2023Modified: 2/21/2024
Also known as:GHSA-jmwm-w2rm-prv9

Description

Microweber CMS prior to version 2.0.3 is vulnerable to stored Cross Site Scripting (XSS) via the profile picture file upload functionality.

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1MEDIUM5.4CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References (6)