CVE-2023-1799: EyouCMS login.php cross site scripting
First published: Sun Apr 02 2023(Updated: )
A vulnerability, which was classified as problematic, was found in EyouCMS up to 1.5.4. This affects an unknown part of the file login.php. The manipulation of the argument tag_tag leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224751.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Eyoucms Eyoucms | <=1.5.4 | |
| <=1.5.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this EyouCMS vulnerability?
The vulnerability ID for this EyouCMS vulnerability is CVE-2023-1799.
What is the severity level of CVE-2023-1799?
The severity level of CVE-2023-1799 is medium with a severity value of 5.4.
What is the affected software version of CVE-2023-1799?
The affected software version of CVE-2023-1799 is EyouCMS up to 1.5.4.
What is the CWE category of CVE-2023-1799?
The CWE category of CVE-2023-1799 is CWE-79 (Cross-Site Scripting).
Is there a fix available for CVE-2023-1799?
Yes, a fix for CVE-2023-1799 is available. It is recommended to update to the latest version of EyouCMS to address the vulnerability.
- collector/mitre-cve
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/title
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- vendor/eyoucms
- canonical/eyoucms eyoucms
- version/eyoucms eyoucms/1.5.4