Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.1
CVSSv3

CVE-2023-49078

Published: 28/11/2023 Updated: 04/12/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Zediious

Vulnerability Summary

raptor-web is a CMS for game server communities that can be used to host information and keep track of players. In version 0.4.4 of raptor-web, it is possible to craft a malicious URL that will result in a reflected cross-site scripting vulnerability. A user controlled URL parameter is loaded into an internal template that has autoescape disabled. This is a cross-site scripting vulnerability that affects all deployments of `raptor-web` on version `0.4.4`. Any victim who clicks on a malicious crafted link will be affected. This issue has been patched 0.4.4.1.

Vulnerable Product Search on Vulmon Subscribe to Product

zediious raptor-web 0.4.4

References

CWE-79https://github.com/zediious/raptor-web/security/advisories/GHSA-8r6g-fhh4-xhmqhttps://github.com/zediious/raptor-web/releases/tag/0.4.4.1https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypassCVE-2024-30051remoteCVE-2024-27954CVE-2023-51483CVE-2023-47782SSRFCVE-2024-24715CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook