CVE-2023-3559

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 10, 2023

Updated: May 17, 2024

CWE ID 79

Summary

CVE-2023-3554 is a newly identified vulnerability affecting the GZ Forum Script 1.8. This issue lies in an unknown functionality of the file /preview.php and stems from the manipulation of the catid/topicid/topic/topic_message/free_name arguments. This cross-site scripting (XSS) vulnerability can be exploited remotely, posing a significant security risk. The identifier for this issue is VDB-233348, and unfortunately, the vendor has not responded to disclosure efforts.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/r6x-A_
https://www.cve.org/CVERecord?id=CVE-2023-3559
https://nvd.nist.gov/vuln/detail/CVE-2023-3559

Back to Vulnerability Database

CVE-2023-3559

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations