CVE-2023-37153: XSS
First published: Mon Jul 10 2023(Updated: )
KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Kodexplorer | =4.51 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-37153?
CVE-2023-37153 is a Cross-Site Scripting (XSS) vulnerability found in KodExplorer 4.51.
How does the CVE-2023-37153 vulnerability in KodExplorer 4.51 work?
The vulnerability allows attackers to inject XSS syntax into the Description field of the Light App creation feature in KodExplorer 4.51.
What is the severity of CVE-2023-37153?
CVE-2023-37153 has a severity rating of medium with a CVSS score of 6.1.
How can an attacker exploit CVE-2023-37153?
An attacker can exploit CVE-2023-37153 by injecting XSS syntax into the Description field of the Light App creation feature in KodExplorer 4.51.
How can I fix the CVE-2023-37153 vulnerability in KodExplorer 4.51?
To fix the vulnerability, update KodExplorer to a version that has the security patch for CVE-2023-37153.
- agent/references
- agent/type
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-latest
- agent/software-canonical-lookup-request
- collector/nvd-index
- collector/nvd-api
- vendor/kodcloud
- canonical/kodexplorer
- version/kodexplorer/4.51