CVE-2023-47559

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
5.4MEDIUM
EPSS
0.1%
top 77.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. QumagieQnap Qumagie
Timeline
PublishedJan 5

Description

A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: QuMagie 2.2.1 and later

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:LExploitability: 1.3 | Impact: 3.7

Affected Packages2 packages

CVEListV5qnap_systems_inc./qumagie2.2.x2.2.1
NVDqnap/qumagie2.2.0

🔴Vulnerability Details

2
GHSA
GHSA-xwq3-6vm6-9m42: A cross-site scripting (XSS) vulnerability has been reported to affect QuMagie2024-01-05
CVEList
QuMagie2024-01-05
CVE-2023-47559 (MEDIUM CVSS 5.4) | A cross-site scripting (XSS) vulner | cvebase.io