Vulnerability Details CVE-2023-41425
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.799
EPSS Ranking 99.0%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2023-41425
-
cpe:2.3:a:wondercms:wondercms:3.2.0
-
cpe:2.3:a:wondercms:wondercms:3.3.0
-
cpe:2.3:a:wondercms:wondercms:3.3.1
-
cpe:2.3:a:wondercms:wondercms:3.3.2
-
cpe:2.3:a:wondercms:wondercms:3.3.3
-
cpe:2.3:a:wondercms:wondercms:3.3.4
-
cpe:2.3:a:wondercms:wondercms:3.4.1
-
cpe:2.3:a:wondercms:wondercms:3.4.2