CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-3937

Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.1%

CVSS Severity

CVSS v3 Score 4.8

References

https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC
https://community.snowsoftware.com/s/feed/0D56M00009gUexuSAC

Products affected by CVE-2023-3937

Snowsoftware » Snow License Manager » Version: 9.27

cpe:2.3:a:snowsoftware:snow_license_manager:9.27
Snowsoftware » Snow License Manager » Version: 9.29

cpe:2.3:a:snowsoftware:snow_license_manager:9.29
Snowsoftware » Snow License Manager » Version: 9.30

cpe:2.3:a:snowsoftware:snow_license_manager:9.30
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3937

Products

Pricing

Contact Us