CVE-2023-2076
⚪ Do wiadomości
Wykorzystanie podatności w Campcodes Online Traffic Offense Management System umożliwia zdalne przeprowadzenie ataku typu cross-site scripting.
CVSS
3.5
EPSS
0.1%
Exploit
poc
Vendor
campcodes
Opis źródłowy (NVD)
A vulnerability classified as problematic was found in Campcodes Online Traffic Offense Management System 1.0. This vulnerability affects unknown code of the file /classes/Users.phpp. The manipulation of the argument id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-226054 is the identifier assigned to this vulnerability.
exploit xss
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 3.5 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 0.1% |
| Opublikowano (NVD) | 2023-04-14 20:15:09 UTC |
| Ostatnia modyfikacja (NVD) | 2026-03-17 19:57:42 UTC |
Referencje
- https://github.com/E1CHO/cve_hub/blob/main/Online%20Traffic%20Offense%20Management%20System/Online%20Traffic%20Offense%20Management%20System%20-%20vuln%204.pdf (cna@vuldb.com) [Exploit, Third Party Advisory]
- https://vuldb.com/?ctiid.226054 (cna@vuldb.com) [Permissions Required, Third Party Advisory]
- https://vuldb.com/?id.226054 (cna@vuldb.com) [Third Party Advisory]