GHSA-j5hq-6frc-64v3

Source

https://github.com/advisories/GHSA-j5hq-6frc-64v3

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/10/GHSA-j5hq-6frc-64v3/GHSA-j5hq-6frc-64v3.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-j5hq-6frc-64v3

Aliases

CVE-2023-5564

Published

2023-10-13T03:30:34Z

Modified

2024-02-16T08:20:14.757289Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

Cross-site Scripting (XSS) in froxlor/froxlor

Details

Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.

Database specific

{
    "nvd_published_at": "2023-10-13T01:15:56Z",
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-13T23:48:59Z"
}

References

Affected packages

Packagist / froxlor/froxlor

Package

Name: froxlor/froxlor
Purl: pkg:composer/froxlor/froxlor

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.1.0-dev1

Affected versions

0.*

0.10.0-rc1

0.10.0-rc2

0.10.0

0.10.1

0.10.2

0.10.3

0.10.4

0.10.5

0.10.6

0.10.7

0.10.8

0.10.9

0.10.10

0.10.11

0.10.12

0.10.13

0.10.14

0.10.15

0.10.16

0.10.17

0.10.18

0.10.19

0.10.20

0.10.21

0.10.22

0.10.23

0.10.23.1

0.10.24

0.10.25

0.10.26

0.10.27

0.10.28

0.10.29

0.10.29.1

0.10.30

0.10.31

0.10.32

0.10.33

0.10.34

0.10.34.1

0.10.35

0.10.35.1

0.10.36

0.10.37

0.10.38

0.10.38.1

0.10.38.2

0.10.38.3

2.*

2.0.0

2.0.1

2.0.2

2.0.3

2.0.4

2.0.5

2.0.6

2.0.7

2.0.8

2.0.9

2.0.10

2.0.11

2.0.12

2.0.13

2.0.14

2.0.15

2.0.16

2.0.17

2.0.18

2.0.19

2.0.20

2.0.21

2.0.22

2.0.23

2.0.24