Vulnerability Details CVE-2023-43191
SpringbootCMS 1.0 foreground message can be embedded malicious code saved in the database. When users browse the comments, these malicious codes embedded in the HTML will be executed, and the user's browser will be controlled by the attacker, so as to achieve the special purpose of the attacker, such as cookie theft
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.6%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2023-43191
-
cpe:2.3:a:jrecms:springbootcms:1.0