CVE-2023-0650

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-0650
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-0650.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-0650
Aliases
  • GHSA-mg6p-jjff-7g5m
Published
2023-02-02T15:17:42Z
Modified
2024-05-23T01:28:50.244108Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability was found in YAFNET up to 3.1.11 and classified as problematic. This issue affects some unknown processing of the component Signature Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 3.1.12 is able to address this issue. The identifier of the patch is a1442a2bacc3335461b44c250e81f8d99c60735f. It is recommended to upgrade the affected component. The identifier VDB-220037 was assigned to this vulnerability.

References

Affected packages

Git / github.com/yafnet/yafnet

Affected ranges

Type
GIT
Repo
https://github.com/yafnet/yafnet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

aspnet20a
complete
complete2
release_0_8_1
release_0_8_2
release_0_9_0
release_0_9_1
release_0_9_2
release_0_9_3
release_0_9_4
release_0_9_5
release_0_9_6
release_0_9_7
release_0_9_8
release_0_9_8B
release_0_9_9
release_0_9_9b
release_1_0_2
release_1_9_4_BETA
release_1_9_4_FINAL
release_1_9_5_5_BETA
release_1_9_5_5_RTW
release_1_9_5_RC1
release_1_9_6_1_RTW
release_1_9_6_BETA1
release_1_9_6_FINAL
release_1_9_6_RC1
release_2_0_0_RC1
start
yaf_dnn2

v2.*

v2.0.0
v2.1
v2.1.1
v2.1.2
v2.1.2-beta.1
v2.2.0
v2.2.0-beta.1
v2.2.0-rc.1
v2.2.1
v2.2.1.0-nightly.20
v2.2.2
v2.2.2.0-nightly.76
v2.2.3
v2.2.3.0-nightly.115
v2.2.3.0-nightly.118
v2.2.4.0
v2.2.4.0-nightly
v2.2.4.1
v2.2.4.10
v2.2.4.18
v2.2.4.19
v2.2.4.2
v2.2.4.3
v2.2.4.4
v2.2.4.5
v2.2.4.6
v2.2.4.7
v2.2.4.8
v2.2.4.9
v2.3.0.0
v2.3.0.0-BETA1
v2.3.0.0-beta.2
v2.3.0.0-beta.3
v2.3.0.0-beta.4
v2.3.0.0-rc.1
v2.3.0.0-rc.2
v2.3.0.0-rc.3
v2.3.0.0-rc.4
v2.3.0.0-rc.5
v2.3.0.4
v2.3.0.4-beta.1
v2.3.0.5-beta.1
v2.3.1.0

v3.*

v3.0.2
v3.1.0
v3.1.1
v3.1.10
v3.1.11
v3.1.2
v3.1.3
v3.1.4
v3.1.5
v3.1.6
v3.1.7
v3.1.8
v3.1.9