CVE-2023-36163
published 2023-07-11CVE-2023-36163: Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc…
PriorityP339medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
2.94%
85.4th percentile
Cross Site Scripting vulnerability in IP-DOT BuildaGate v.BuildaGate5 allows a remote attacker to execute arbitrary code via a crafted script to the mc parameter of the URL.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| buildagate_project | buildagate | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/173366/BuildaGate5-Cross-Site-Scripting.htmlhttp://www.levi-coins.co.il/BuildaGate5/general2/company_search_tree.php?SiteName=levicoinshttp://www.misdar-jabo.org/BuildaGate5/general2/company_search_tree.php?NewNameMade=0&SiteName=misdar&lan=en&EnterDefault=&Referral=tree&BuyerID=104732450&Clubtmp1=&SearchTop=https://afula.libraries.co.il/BuildaGate5library/general2/company_search_tree.php?mc=0https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31http://packetstormsecurity.com/files/173366/BuildaGate5-Cross-Site-Scripting.htmlhttp://www.levi-coins.co.il/BuildaGate5/general2/company_search_tree.php?SiteName=levicoinshttp://www.misdar-jabo.org/BuildaGate5/general2/company_search_tree.php?NewNameMade=0&SiteName=misdar&lan=en&EnterDefault=&Referral=tree&BuyerID=104732450&Clubtmp1=&SearchTop=https://afula.libraries.co.il/BuildaGate5library/general2/company_search_tree.php?mc=0https://github.com/TraiLeR2?tab=overview&from=2023-05-01&to=2023-05-31
2023-07-11
Published