CVE-2023-3557

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 10, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-3557 is a newly identified vulnerability in GZ Scripts Property Listing Script 1.0. This issue, rated as problematic, allows for cross-site scripting (XSS) attacks. The vulnerability is triggered by manipulating the argument "page/layout/sort_by" in the file "/preview.php". Attacks can be initiated remotely. The associated identifier for this vulnerability is VDB-233351. Notably, efforts to contact the vendor regarding this disclosure have been unsuccessful.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r6x0cJ
https://www.cve.org/CVERecord?id=CVE-2023-3557
https://nvd.nist.gov/vuln/detail/CVE-2023-3557

Back to Vulnerability Database

CVE-2023-3557

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations