CVE-2023-5793

Source
https://cve.org/CVERecord?id=CVE-2023-5793
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5793.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-5793
Published
2023-10-26T18:15:08.817Z
Modified
2026-03-15T14:48:39.902224Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

A vulnerability was found in flusity CMS and classified as problematic. This issue affects the function loadCustomBlocCreateForm of the file /core/tools/customblock.php of the component Dashboard. The manipulation of the argument customblock_place leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named 81252bc764e1de2422e79e36194bba1289e7a0a5. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-243599.

References

Affected packages

Git / github.com/flusity/flusity-cms

Affected ranges

Type
GIT
Repo
https://github.com/flusity/flusity-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Type
GIT
Repo
https://github.com/flusity/flusity-cms
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-5793.json"
unresolved_ranges
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2023-10-24"
            }
        ]
    }
]