CVE-2023-28447
published 2023-03-28


Priority: P429
Severity: medium
CVSS 3.1 base score: 6.1
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS: 1.02% (59.0th percentile)

Description
Smarty is a template engine for PHP. In affected versions Smarty did not properly escape JavaScript code. An attacker could exploit this vulnerability to execute arbitrary JavaScript code in the context of the user's browser session. This may lead to unauthorized access to sensitive user data, manipulation of the web application's behavior, or unauthorized actions performed on behalf of the user. Users are advised to upgrade to either version 3.1.48 or to 4.3.1 to resolve this issue. There are no known workarounds for this vulnerability.

Affected (17 ranges)

Vendor          Product        Version range                                 Fixed in
debian          smarty3        < smarty3 3.1.47-2+deb12u1 (bookworm)         smarty3 3.1.47-2+deb12u1 (bookworm)
debian          smarty4        < smarty3 3.1.47-2+deb12u1 (bookworm)         smarty3 3.1.47-2+deb12u1 (bookworm)
fedoraproject   fedora         (not listed)                                  (not listed)
fedoraproject   fedora         (not listed)                                  (not listed)
fedoraproject   fedora         (not listed)                                  (not listed)
postfixadmin    postfixadmin   >= 0 < 3.0.2-2ubuntu0.1~esm1                  3.0.2-2ubuntu0.1~esm1
postfixadmin    postfixadmin   >= 0 < 3.2.1-3ubuntu0.1~esm1                  3.2.1-3ubuntu0.1~esm1
postfixadmin    postfixadmin   >= 0 < 3.3.10-2ubuntu0.1~esm1                 3.3.10-2ubuntu0.1~esm1
smarty-php      smarty         < 3.1.48                                      3.1.48
smarty-php      smarty         (not listed)                                  (not listed)
smarty          smarty         < 3.1.48                                      3.1.48
smarty          smarty         >= 0 < 3.1.48                                 3.1.48
smarty          smarty         >= 4.0.0 < 4.3.1                              4.3.1
smarty          smarty         >= 4.0.0 < 4.3.1                              4.3.1
ubuntu          civicrm        (not listed)                                  (not listed)
ubuntu          postfixadmin   (not listed)                                  (not listed)
ubuntu          smarty3        (not listed)                                  (not listed)

CVSS provenance

Source          Version   Score   Severity   Vector
nvd             v3.1      6.1     MEDIUM     CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv             -         8.8     HIGH       -
vendor_ubuntu   -         8.8     HIGH       -
vendor_debian   -         7.1     HIGH       -