Vulnerability Details CVE-2023-24769
Changedetection.io before v0.40.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the main page. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL parameter under the "Add a new change detection watch" function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.7%
CVSS Severity
CVSS v3 Score 5.4
References
- https://github.com/dgtlmoon/changedetection.io/issues/1358
- https://www.edoardoottavianelli.it/CVE-2023-24769
- https://www.youtube.com/watch?v=TRTpRlkU3Hc
- https://github.com/dgtlmoon/changedetection.io/issues/1358
- https://www.edoardoottavianelli.it/CVE-2023-24769
- https://www.youtube.com/watch?v=TRTpRlkU3Hc
Products affected by CVE-2023-24769
-
cpe:2.3:a:changedetection:changedetection:-
-
cpe:2.3:a:changedetection:changedetection:0.1
-
cpe:2.3:a:changedetection:changedetection:0.11
-
cpe:2.3:a:changedetection:changedetection:0.12
-
cpe:2.3:a:changedetection:changedetection:0.2
-
cpe:2.3:a:changedetection:changedetection:0.21
-
cpe:2.3:a:changedetection:changedetection:0.22
-
cpe:2.3:a:changedetection:changedetection:0.23
-
cpe:2.3:a:changedetection:changedetection:0.24
-
cpe:2.3:a:changedetection:changedetection:0.25
-
cpe:2.3:a:changedetection:changedetection:0.26
-
cpe:2.3:a:changedetection:changedetection:0.27
-
cpe:2.3:a:changedetection:changedetection:0.28
-
cpe:2.3:a:changedetection:changedetection:0.29
-
cpe:2.3:a:changedetection:changedetection:0.30
-
cpe:2.3:a:changedetection:changedetection:0.31
-
cpe:2.3:a:changedetection:changedetection:0.32
-
cpe:2.3:a:changedetection:changedetection:0.33
-
cpe:2.3:a:changedetection:changedetection:0.34
-
cpe:2.3:a:changedetection:changedetection:0.35
-
cpe:2.3:a:changedetection:changedetection:0.36
-
cpe:2.3:a:changedetection:changedetection:0.37
-
cpe:2.3:a:changedetection:changedetection:0.38
-
cpe:2.3:a:changedetection:changedetection:0.38.1
-
cpe:2.3:a:changedetection:changedetection:0.38.2
-
cpe:2.3:a:changedetection:changedetection:0.39
-
cpe:2.3:a:changedetection:changedetection:0.39.1
-
cpe:2.3:a:changedetection:changedetection:0.39.10
-
cpe:2.3:a:changedetection:changedetection:0.39.11
-
cpe:2.3:a:changedetection:changedetection:0.39.12
-
cpe:2.3:a:changedetection:changedetection:0.39.13
-
cpe:2.3:a:changedetection:changedetection:0.39.13.1
-
cpe:2.3:a:changedetection:changedetection:0.39.14
-
cpe:2.3:a:changedetection:changedetection:0.39.14.1
-
cpe:2.3:a:changedetection:changedetection:0.39.15
-
cpe:2.3:a:changedetection:changedetection:0.39.16
-
cpe:2.3:a:changedetection:changedetection:0.39.17
-
cpe:2.3:a:changedetection:changedetection:0.39.17.1
-
cpe:2.3:a:changedetection:changedetection:0.39.17.2
-
cpe:2.3:a:changedetection:changedetection:0.39.18
-
cpe:2.3:a:changedetection:changedetection:0.39.19
-
cpe:2.3:a:changedetection:changedetection:0.39.19.1
-
cpe:2.3:a:changedetection:changedetection:0.39.2
-
cpe:2.3:a:changedetection:changedetection:0.39.20
-
cpe:2.3:a:changedetection:changedetection:0.39.20.1
-
cpe:2.3:a:changedetection:changedetection:0.39.20.2
-
cpe:2.3:a:changedetection:changedetection:0.39.20.3
-
cpe:2.3:a:changedetection:changedetection:0.39.20.4
-
cpe:2.3:a:changedetection:changedetection:0.39.21
-
cpe:2.3:a:changedetection:changedetection:0.39.21.1
-
cpe:2.3:a:changedetection:changedetection:0.39.22
-
cpe:2.3:a:changedetection:changedetection:0.39.22.1
-
cpe:2.3:a:changedetection:changedetection:0.39.3
-
cpe:2.3:a:changedetection:changedetection:0.39.4
-
cpe:2.3:a:changedetection:changedetection:0.39.5
-
cpe:2.3:a:changedetection:changedetection:0.39.6
-
cpe:2.3:a:changedetection:changedetection:0.39.7
-
cpe:2.3:a:changedetection:changedetection:0.39.8
-
cpe:2.3:a:changedetection:changedetection:0.39.9
-
cpe:2.3:a:changedetection:changedetection:0.40.0
-
cpe:2.3:a:changedetection:changedetection:0.40.0.2
-
cpe:2.3:a:changedetection:changedetection:0.40.0.3
-
cpe:2.3:a:changedetection:changedetection:0.40.0.4
-
cpe:2.3:a:changedetection:changedetection:0.40.1.0