Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-32670

Published: 03/10/2023 Updated: 04/10/2023
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0
Subscribe to Buddyboss

Vulnerability Summary

Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version , which could allow a local attacker with basic privileges to execute a malicious payload through the "[name]=image.jpg" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

buddyboss buddyboss 2.2.9

References

CWE-79https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budybosshttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377CVE-2024-20859CVE-2023-49606injectarbitrary CVE-2024-33788CVE-2024-30973IDORCVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook