CVE-2023-43873: XSS
First published: Thu Sep 28 2023(Updated: )
A Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Name filed in the Manage Menu.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| E107 E107 Cms | =2.3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this Cross Site Scripting (XSS) vulnerability?
The vulnerability ID for this Cross Site Scripting (XSS) vulnerability is CVE-2023-43873.
What is the affected software for this vulnerability?
The affected software for this vulnerability is e107 CMS v.2.3.2.
How can a local attacker exploit this vulnerability?
A local attacker can exploit this vulnerability by executing arbitrary code via a crafted script in the Name field of the Manage Menu.
What is the severity rating of this vulnerability?
The severity rating of this vulnerability is medium, with a severity value of 5.4.
How can I fix this Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2?
To fix this vulnerability, update to a patched version of e017 CMS, if available, or follow the recommended security measures provided by the vendor.
- collector/nvd-api
- collector/nvd-index
- agent/author
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/epss-latest
- source/FIRST
- agent/severity
- agent/weakness
- agent/references
- agent/description
- agent/epss
- agent/event
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/e107
- canonical/e107 e107 cms
- version/e107 e107 cms/2.3.2