CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting (XSS). File upload check binary of img, but without strictly check file suffix at /server/fast.py -> ApiUploadHandler.post causes stored XSS

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/psoho/fast-poster/issues/13
https://github.com/psoho/fast-poster/issues/13

Products affected by CVE-2023-37658

Fastposter » Fast-Poster » Version: 2.15.0

cpe:2.3:a:fastposter:fast-poster:2.15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37658

Products

Pricing

Contact Us