CVE-2023-34599
published 2023-06-29CVE-2023-34599: Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
PriorityP337medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
1.87%
76.7th percentile
Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gibbonedu | gibbon | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Gibbon v25.0.0 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2023-34599 [MEDIUM] Gibbon v25.0.0 - Cross-Site Scripting
Gibbon v25.0.0 - Cross-Site Scripting
Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
Template:
id: CVE-2023-34599
info:
name: Gibbon v25.0.0 - Cross-Site Scripting
author: ritikchaddha
severity: medium
description: |
Multiple Cross-Site Scripting (XSS) vulnerabilities have been identified in Gibbon v25.0.0, which enable attackers to execute arbitrary Javascript code.
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement.
remediation: |
Apply the latest security patches or updates provided by the vendor to mitigate this vulnerability
No writeups or analysis indexed.
2023-06-29
Published