CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-47175

Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.2%

CVSS Severity

CVSS v3 Score 6.1

References

https://jvn.jp/en/jp/JVN15005948/
https://www.luxsoft.eu/
https://www.luxsoft.eu/?download
https://www.luxsoft.eu/lcforum/viewtopic.php?id=476
https://jvn.jp/en/jp/JVN15005948/
https://www.luxsoft.eu/
https://www.luxsoft.eu/?download
https://www.luxsoft.eu/lcforum/viewtopic.php?id=476

Products affected by CVE-2023-47175

Luxsoft » Luxcal Web Calendar » Version: Any

cpe:2.3:a:luxsoft:luxcal_web_calendar:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-47175

Products

Pricing

Contact Us