Vulnerability Details CVE-2023-37153
KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.5%
CVSS Severity
CVSS v3 Score 6.1
References
- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/KodExplorer4.51.03.md
- https://github.com/kalcaddle/KodExplorer
- https://www.chtsecurity.com/news/13a86b33-7e49-4167-9682-7ff3f51cbcba%20
- https://www.chtsecurity.com/news/55f0a781-f7bf-4b2f-b2cc-7957fdf846da
- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/KodExplorer4.51.03.md
- https://github.com/kalcaddle/KodExplorer
- https://www.chtsecurity.com/news/13a86b33-7e49-4167-9682-7ff3f51cbcba%20
- https://www.chtsecurity.com/news/55f0a781-f7bf-4b2f-b2cc-7957fdf846da
Products affected by CVE-2023-37153
-
cpe:2.3:a:kodcloud:kodexplorer:4.51