CVE-2023-2102: XSS
First published: Sat Apr 15 2023(Updated: )
Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Easyappointments Easyappointments | <1.5.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-2102?
The severity of CVE-2023-2102 is medium with a CVSS score of 4.8.
How does CVE-2023-2102 affect Easyappointments?
CVE-2023-2102 affects Easyappointments version prior to 1.5.0 by allowing stored Cross-site Scripting (XSS) attacks.
What is Cross-site Scripting (XSS)?
Cross-site Scripting (XSS) is a type of security vulnerability that allows attackers to inject malicious scripts into web pages viewed by users.
How can I fix CVE-2023-2102 in Easyappointments?
To fix CVE-2023-2102 in Easyappointments, make sure to update to version 1.5.0 or newer.
Where can I find more information about CVE-2023-2102?
You can find more information about CVE-2023-2102 on the GitHub commit and huntr.dev bounty links: [GitHub commit](https://github.com/alextselegidis/easyappointments/commit/bddc5cbeb7ff237a72943b304dcb01c653781767), [huntr.dev bounty](https://huntr.dev/bounties/dd7c04a7-a984-4387-9ac4-24596e7ece44).
- collector/nvd-index
- vendor/easyappointments
- canonical/easyappointments easyappointments