CVE-2023-5378

medium

Description

Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. A precise range of vulnerable versions remains unknown.

References

https://smod.pl/

https://megabip.pl/

https://cert.pl/posts/2023/12/CVE-2023-5378

https://cert.pl/en/posts/2023/12/CVE-2023-5378

Details

Source: Mitre, NVD

Published: 2024-01-29

Updated: 2024-10-10

Risk Information

CVSS v2

Base Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium