How severe is CVE-2023-37360?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2023-37360?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2023-37360

MEDIUM Year: 2023

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-74

View all →

Vulnerability Description

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).

CVE-2014-10386

MEDIUM

CVSS:6.1(Medium)

The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections.

CWE-742014

CVE-2014-10391

MEDIUM

CVSS:6.1(Medium)

The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection.

CWE-742014

CVE-2014-10394

MEDIUM

CVSS:6.1(Medium)

The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection via a User-Agent header.

CWE-742014

CVE-2015-3154

MEDIUM

CVSS:6.1(Medium)

CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HT...

CWE-742015

CVE-2015-5462

MEDIUM

CVSS:6.1(Medium)

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.

CWE-742015

CVE-2016-5701

MEDIUM

CVSS:6.1(Medium)

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions v...

CWE-742016

CVE-2023-37360

Vulnerability Description

Related Vulnerabilities

CVE-2014-10386

CVE-2014-10391

CVE-2014-10394

CVE-2015-3154

CVE-2015-5462

CVE-2016-5701