CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45881

GibbonEdu Gibbon through version 25.0.0 allows /modules/Planner/resources_addQuick_ajaxProcess.php file upload with resultant XSS. The imageAsLinks parameter must be set to Y to return HTML code. The filename attribute of the bodyfile1 parameter is reflected in the response.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.2%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2023-45881

Gibbonedu » Gibbon » Version: 10.0.00

cpe:2.3:a:gibbonedu:gibbon:10.0.00
Gibbonedu » Gibbon » Version: 11.0.00

cpe:2.3:a:gibbonedu:gibbon:11.0.00
Gibbonedu » Gibbon » Version: 12.0.00

cpe:2.3:a:gibbonedu:gibbon:12.0.00
Gibbonedu » Gibbon » Version: 13.0.00

cpe:2.3:a:gibbonedu:gibbon:13.0.00
Gibbonedu » Gibbon » Version: 13.0.01

cpe:2.3:a:gibbonedu:gibbon:13.0.01
Gibbonedu » Gibbon » Version: 13.0.02

cpe:2.3:a:gibbonedu:gibbon:13.0.02
Gibbonedu » Gibbon » Version: 14.0.00

cpe:2.3:a:gibbonedu:gibbon:14.0.00
Gibbonedu » Gibbon » Version: 14.0.01

cpe:2.3:a:gibbonedu:gibbon:14.0.01
Gibbonedu » Gibbon » Version: 15.0.00

cpe:2.3:a:gibbonedu:gibbon:15.0.00
Gibbonedu » Gibbon » Version: 15.0.01

cpe:2.3:a:gibbonedu:gibbon:15.0.01
Gibbonedu » Gibbon » Version: 16.0.00

cpe:2.3:a:gibbonedu:gibbon:16.0.00
Gibbonedu » Gibbon » Version: 16.0.01

cpe:2.3:a:gibbonedu:gibbon:16.0.01
Gibbonedu » Gibbon » Version: 17.0.00

cpe:2.3:a:gibbonedu:gibbon:17.0.00
Gibbonedu » Gibbon » Version: 18.0.00

cpe:2.3:a:gibbonedu:gibbon:18.0.00
Gibbonedu » Gibbon » Version: 18.0.01

cpe:2.3:a:gibbonedu:gibbon:18.0.01
Gibbonedu » Gibbon » Version: 19.0.00

cpe:2.3:a:gibbonedu:gibbon:19.0.00
Gibbonedu » Gibbon » Version: 20.0.00

cpe:2.3:a:gibbonedu:gibbon:20.0.00
Gibbonedu » Gibbon » Version: 21.0.00

cpe:2.3:a:gibbonedu:gibbon:21.0.00
Gibbonedu » Gibbon » Version: 21.0.01

cpe:2.3:a:gibbonedu:gibbon:21.0.01
Gibbonedu » Gibbon » Version: 22.0.00

cpe:2.3:a:gibbonedu:gibbon:22.0.00
Gibbonedu » Gibbon » Version: 22.0.01

cpe:2.3:a:gibbonedu:gibbon:22.0.01
Gibbonedu » Gibbon » Version: 23.0.00

cpe:2.3:a:gibbonedu:gibbon:23.0.00
Gibbonedu » Gibbon » Version: 23.0.01

cpe:2.3:a:gibbonedu:gibbon:23.0.01
Gibbonedu » Gibbon » Version: 23.0.02

cpe:2.3:a:gibbonedu:gibbon:23.0.02
Gibbonedu » Gibbon » Version: 24.0.00

cpe:2.3:a:gibbonedu:gibbon:24.0.00
Gibbonedu » Gibbon » Version: 24.0.01

cpe:2.3:a:gibbonedu:gibbon:24.0.01
Gibbonedu » Gibbon » Version: 25.0.00

cpe:2.3:a:gibbonedu:gibbon:25.0.00
Gibbonedu » Gibbon » Version: 7.0.00

cpe:2.3:a:gibbonedu:gibbon:7.0.00
Gibbonedu » Gibbon » Version: 7.0.01

cpe:2.3:a:gibbonedu:gibbon:7.0.01
Gibbonedu » Gibbon » Version: 7.1.00

cpe:2.3:a:gibbonedu:gibbon:7.1.00
Gibbonedu » Gibbon » Version: 7.1.01

cpe:2.3:a:gibbonedu:gibbon:7.1.01
Gibbonedu » Gibbon » Version: 7.1.02

cpe:2.3:a:gibbonedu:gibbon:7.1.02
Gibbonedu » Gibbon » Version: 8.0.00

cpe:2.3:a:gibbonedu:gibbon:8.0.00
Gibbonedu » Gibbon » Version: 8.0.01

cpe:2.3:a:gibbonedu:gibbon:8.0.01
Gibbonedu » Gibbon » Version: 8.0.02

cpe:2.3:a:gibbonedu:gibbon:8.0.02
Gibbonedu » Gibbon » Version: 8.0.03

cpe:2.3:a:gibbonedu:gibbon:8.0.03
Gibbonedu » Gibbon » Version: 8.0.04

cpe:2.3:a:gibbonedu:gibbon:8.0.04
Gibbonedu » Gibbon » Version: 8.0.05

cpe:2.3:a:gibbonedu:gibbon:8.0.05
Gibbonedu » Gibbon » Version: 8.0.06

cpe:2.3:a:gibbonedu:gibbon:8.0.06
Gibbonedu » Gibbon » Version: 8.1.00

cpe:2.3:a:gibbonedu:gibbon:8.1.00
Gibbonedu » Gibbon » Version: 8.2.00

cpe:2.3:a:gibbonedu:gibbon:8.2.00
Gibbonedu » Gibbon » Version: 8.3.00

cpe:2.3:a:gibbonedu:gibbon:8.3.00
Gibbonedu » Gibbon » Version: 9.0.00

cpe:2.3:a:gibbonedu:gibbon:9.0.00
Gibbonedu » Gibbon » Version: 9.1.00

cpe:2.3:a:gibbonedu:gibbon:9.1.00

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45881

Products

Pricing

Contact Us