CVE-2023-43345

HIGH Year: 2023
CVSS v3 Score
8.6
High
Weakness Type
CWE-79
View all →

Vulnerability Description

Cross-site scripting (XSS) vulnerability in opensolution Quick CMS v.6.7 allows a local attacker to execute arbitrary code via a crafted script to the Content - Name parameter in the Pages Menu component.

Related Vulnerabilities

CVE-2017-9062

HIGH
CVSS:8.6(High)

In WordPress before 4.7.5, there is improper handling of post meta data values in the XML-RPC API.

CWE-792017

CVE-2019-13538

HIGH
CVSS:8.6(High)

3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versions prior to 3.5.16.0, allows the system to display active library content without checking its validity, which may allow the cont...

CWE-792019

CVE-2022-0501

HIGH
CVSS:8.6(High)

Cross-site Scripting (XSS) - Reflected in Packagist ptrofimov/beanstalk_console prior to 1.7.12.

CWE-792022

CVE-2022-2065

HIGH
CVSS:8.6(High)

Cross-site Scripting (XSS) - Stored in GitHub repository neorazorx/facturascripts prior to 2022.06.

CWE-792022

CVE-2022-4841

HIGH
CVSS:8.6(High)

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.

CWE-792022

CVE-2023-0309

HIGH
CVSS:8.6(High)

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

CWE-792023