CVE-2023-3944: phpscriptpoint Lawyer page.php cross site scripting
First published: Tue Jul 25 2023(Updated: )
A vulnerability was found in phpscriptpoint Lawyer 1.6 and classified as problematic. Affected by this issue is some unknown functionality of the file page.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235400. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| phpscriptpoint Lawyer | =1.6 | |
| =1.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-3944?
CVE-2023-3944 is classified as problematic due to its potential for cross-site scripting attacks.
How do I fix CVE-2023-3944?
To fix CVE-2023-3944, ensure that you validate and sanitize user inputs in the affected page.php file.
Which versions are affected by CVE-2023-3944?
CVE-2023-3944 affects version 1.6 of phpscriptpoint Lawyer.
Can CVE-2023-3944 be exploited remotely?
Yes, CVE-2023-3944 can be exploited remotely through vulnerabilities in the web application's functionality.
What type of vulnerability is CVE-2023-3944?
CVE-2023-3944 is a cross-site scripting (XSS) vulnerability.
- collector/nvd-latest
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/weakness
- agent/description
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/title
- agent/event
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- vendor/phpscriptpoint
- canonical/phpscriptpoint lawyer
- version/phpscriptpoint lawyer/1.6