CVE-2023-3838

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-3838

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3838.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-3838

Published

2023-07-23T02:15:11Z

Modified

2025-01-14T11:50:18.029369Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability classified as problematic was found in DedeBIZ 6.2.10. Affected by this vulnerability is an unknown functionality of the file /admin/vote_edit.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235189 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

References

Affected packages

Git / github.com/dedebiz/dedev6

Affected ranges

Type: GIT
Repo: https://github.com/dedebiz/dedev6
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

7388a973aed8f4a319d003c1399858a3a872585a

Affected versions

6.*

6.0.0

6.0.1

6.0.2

6.0.3

6.1.0

6.1.1

6.1.2

6.1.6

6.1.7

6.1.8

6.1.9

6.2.10

6.2.5

6.2.6