CVE-2023-3293

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-3293

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3293.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-3293

Aliases

BIT-suitecrm-2023-3293

Published

2023-06-16T00:00:00Z

Modified

2025-12-12T14:51:17.275961Z

Severity

7.6 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H CVSS Calculator

Summary

Cross-site Scripting (XSS) - Stored in salesagility/suitecrm-core

Details

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0.

Database specific

{
    "cwe_ids": [
        "CWE-79"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/3xxx/CVE-2023-3293.json",
    "cna_assigner": "@huntrdev"
}

References

Affected packages

Git / github.com/salesagility/suitecrm-core

Affected ranges

Type: GIT
Repo: https://github.com/salesagility/suitecrm-core
Events: Introduced

55c1ee9cbdf409ed41c04da0bbf442b311a3ab57

Fixed

fbf70a5e4388efb785dce9c3e1b9c806bc3ae4c1

Affected versions

v8.*

v8.0.0

v8.0.1

v8.0.2

Git / github.com/suitecrm/suitecrm-core

Affected ranges

Type: GIT
Repo: https://github.com/suitecrm/suitecrm-core
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

1f949f1ac2b7fe82f3c2c6071f842b804ba91929

Affected versions

v8.*

v8.0.0

v8.0.0-beta.1

v8.0.0-beta.2

v8.0.0-beta.3

v8.0.0-rc

v8.0.1

v8.0.2

v8.0.3

v8.0.4

v8.1.0

v8.1.1

v8.1.2

v8.1.3

v8.2.0

v8.2.0-beta.2

v8.2.1

v8.2.2

v8.2.3

v8.2.4