CVE-2023-47437

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-47437

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-47437.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-47437

Published

2023-11-28T00:15:07.093Z

Modified

2025-11-20T12:19:59.257968Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A vulnerability has been identified in Pachno 1.0.6 allowing an authenticated attacker to execute a cross-site scripting (XSS) attack. The vulnerability exists due to inadequate input validation in the Project Description and comments, which enables an attacker to inject malicious java script.

References

Affected packages

Git / github.com/pachno/pachno

Affected ranges

Type: GIT
Repo: https://github.com/pachno/pachno
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

e2939e9b07a003883862eb39fc0a6263e1355ffb

Affected versions

v0.*

v0.6.0-alpha

v0.7.0-alpha

v1.*

v1.0-rc

v1.0-rc1

v1.0-rc2

v1.0.0

v1.0.1

v1.0.2

v1.0.3