CVE-2023-3142
published 2023-06-07CVE-2023-3142: Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.
PriorityP424medium5.4CVSS 3.1
AVNACLPRLUIRSCCLILAN
EPSS
0.35%
26.4th percentile
Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 2.0.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microweber | microweber | < 2.0 | 2.0 |
| microweber | microweber | 0 – 1.3.4 | — |
| microweber | microweber_microweber | >= unspecified < 2.0 | 2.0 |
CVSS provenance
nvdv3.15.4MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
nvdv3.03.8LOWCVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L
vendor_redhat4.7MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Microweber Cross-site Scripting vulnerability
ghsa·2023-06-07
CVE-2023-3142 [MEDIUM] CWE-79 Microweber Cross-site Scripting vulnerability
Microweber Cross-site Scripting vulnerability
Microweber 1.3.4 and prior is vulnerable to stored cross-site scripting via an alert on the `Editing` page. This issue is fixed in commit 42efa981a2239d042d910069952d6276497bdcf1.
OSV
Microweber Cross-site Scripting vulnerability
osv·2023-06-07
CVE-2023-3142 [MEDIUM] Microweber Cross-site Scripting vulnerability
Microweber Cross-site Scripting vulnerability
Microweber 1.3.4 and prior is vulnerable to stored cross-site scripting via an alert on the `Editing` page. This issue is fixed in commit 42efa981a2239d042d910069952d6276497bdcf1.
Red Hat
kernel: tracing: Fix race issue between cpu buffer write and swap
vendor_redhat·2025-09-17·CVSS 4.7
CVE-2023-53368 [MEDIUM] CWE-362 kernel: tracing: Fix race issue between cpu buffer write and swap
kernel: tracing: Fix race issue between cpu buffer write and swap
In the Linux kernel, the following vulnerability has been resolved:
tracing: Fix race issue between cpu buffer write and swap
Warning happened in rb_end_commit() at code:
if (RB_WARN_ON(cpu_buffer, !local_read(&cpu_buffer->committing)))
WARNING: CPU: 0 PID: 139 at kernel/trace/ring_buffer.c:3142
rb_commit+0x402/0x4a0
Call Trace:
ring_buffer_unlock_commit+0x42/0x250
trace_buffer_unlock_commit_regs+0x3b/0x250
trace_event_buffer_commit+0xe5/0x440
trace_event_buffer_reserve+0x11c/0x150
trace_event_raw_event_sched_switch+0x23c/0x2c0
__traceiter_sched_switch+0x59/0x80
__schedule+0x72b/0x1580
schedule+0x92/0x120
worker_thread+0xa0/0x6f0
It is because the race between writing event into cpu buffer and swapping
cpu buffer through fi
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5https://github.com/microweber/microweber/commit/42efa981a2239d042d910069952d6276497bdcf1https://huntr.dev/bounties/d00686b0-f89a-4e14-98d7-b8dd3f92a6e5
2023-06-07
Published