CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-26847

A stored cross-site scripting (XSS) vulnerability in OpenCATS v0.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the state parameter at opencats/index.php?m=candidates.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.8%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/cassis-sec/CVE/tree/main/2023/CVE-2023-26847
https://opencats.org
https://github.com/cassis-sec/CVE/tree/main/2023/CVE-2023-26847
https://opencats.org

Products affected by CVE-2023-26847

Opencats » Opencats » Version: 0.9.7

cpe:2.3:a:opencats:opencats:0.9.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-26847

Products

Pricing

Contact Us