Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0310Cross-site Scripting in Publish

CWE-79Cross-site Scripting3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.4%
top 41.34%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
EZ Publish
Timeline
PublishedJun 16
Latest updateApr 29

Description

Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDez/ez_publish2.2

🔴Vulnerability Details

1
GHSA
GHSA-33p2-27pp-3pqr: Cross-site scripting (XSS) vulnerability in articleview2022-04-29

💥Exploits & PoCs

1
Exploit-DB
EZ Publish 2.2 - 'index.php' IMG Tag Cross-Site Scripting2003-05-16