Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-45471

Published: 20/10/2023 Updated: 30/10/2023
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 0
Subscribe to Search Server

Vulnerability Summary

The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 1.0.0.315 due to insufficient checks on indexes. This makes it possible for unauthenticated malicious users to create a new index and inject a malicious web script into its name, that will execute whenever a user accesses the search page.

Vulnerable Product Search on Vulmon Subscribe to Product

qad search server

Github Repositories

https://github.com/itsAptx/CVE-2023-45471

CVE ID: CVE-2023-45471 Vulnerability Type: Cross-Site Scripting (XSS) Affected product: QAD Search Server Affected versions: 100315 (confirmed), all prior versions (allegedly) Description: The QAD Search Server is vulnerable to Stored Cross-Site Scripting (XSS) in versions up to, and including, 100315 due to insufficient checks on indexes This makes it possible for unaut

References

CWE-79https://github.com/itsAptx/CVE-2023-45471https://nvd.nist.govhttps://github.com/itsAptx/CVE-2023-45471
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injectionSSRFbuffer overflowCVE-2023-28952CVE-2023-41822CVE-2024-27956CVE-2023-7028CVE-2024-34447CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook