CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-26846

A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the city parameter at opencats/index.php?m=candidates.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 25.5%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/cassis-sec/CVE/tree/main/2023/CVE-2023-26846
https://opencats.org
https://github.com/cassis-sec/CVE/tree/main/2023/CVE-2023-26846
https://opencats.org

Products affected by CVE-2023-26846

Opencats » Opencats » Version: 0.9.7

cpe:2.3:a:opencats:opencats:0.9.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26846

Products

Pricing

Contact Us