Vulnerability Details CVE-2023-43346
Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Backend - Dashboard parameter in the Languages Menu component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.1%
CVSS Severity
CVSS v3 Score 5.4
References
- https://github.com/sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend
- https://github.com/sromanhu/Quick-CMS-Stored-XSS---Languages-Backend
- https://github.com/sromanhu/CVE-2023-43346-Quick-CMS-Stored-XSS---Languages-Backend
- https://github.com/sromanhu/Quick-CMS-Stored-XSS---Languages-Backend
Products affected by CVE-2023-43346
-
cpe:2.3:a:opensolution:quick_cms:6.7