CVE-2023-1798: EyouCMS login.php cross site scripting
First published: Sun Apr 02 2023(Updated: )
A vulnerability, which was classified as problematic, has been found in EyouCMS up to 1.5.4. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument typename leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-224750 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eyoucms Eyoucms | <=1.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this EyouCMS vulnerability?
The vulnerability ID is CVE-2023-1798.
What is the severity level of CVE-2023-1798?
The severity level of CVE-2023-1798 is medium (5.4).
What is the affected software for CVE-2023-1798?
The affected software is EyouCMS up to version 1.5.4.
What is the CWE ID for CVE-2023-1798?
The CWE ID for CVE-2023-1798 is CWE-79.
How can I fix the EyouCMS login.php cross site scripting vulnerability?
To fix the EyouCMS login.php cross site scripting vulnerability, update EyouCMS to a version higher than 1.5.4.
- collector/mitre-cve
- collector/nvd-index
- agent/weakness
- agent/event
- agent/references
- agent/title
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/eyoucms
- canonical/eyoucms eyoucms
- version/eyoucms eyoucms/1.5.4