CVE-2023-44770

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-44770

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-44770.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-44770

Aliases

GHSA-mr4w-7vm9-cgqx

Published

2023-10-06T13:15:13Z

Modified

2025-10-16T10:12:20.813991Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A Cross-Site Scripting (XSS) vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias.

References

https://github.com/sromanhu/ZenarioCMS--Reflected-XSS---Organizer-Alias/blob/main/README.md

Affected packages

Git / github.com/tribalsystems/zenario

Affected ranges

Type: GIT
Repo: https://github.com/tribalsystems/zenario
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

c53e3c6b12d57d76a9c0242fe8fca0af3cdd5e98

Affected versions

7.*

7.0.2e

7.0.3a

7.0.4b

7.0.5b

7.0.5c

7.0.6a

7.0.6b

7.0.7a

7.0.7b

7.0.7c

7.0.7d

7.0.7e

7.1.0

7.1.1

7.1.2

7.2.0

7.2.1

7.2.2

7.2.3

7.3.0

7.4.0

7.4.1

7.4.2

7.4.3

7.4.4

7.5.0

7.5.40440

7.5.41006

7.5.41499

7.6.41504

7.6.41633

7.6.42085

7.7.42682

7.7.42963

7.7.42990

7.7.44223

8.*

8.0.44237

8.0.44273

8.0.44294

8.0.44521

8.0.45032

8.0.45250

8.0.45529

8.1.45530

8.1.45698

8.1.46089

8.1.46433

8.2.46436

8.2.46614

8.2.47180

8.2.47369

8.2.47992

8.3.47997

8.3.48583

8.3.50564

8.4.50565

8.5.50567

8.5.50837

8.5.51340

8.6.51342

8.7

8.8

8.8.53370

8.8.53725

8.9.54063

8.9.54149

8.9.54153

9.*

9.0.54156

9.0.55141

9.1.55143

9.1.55510

9.1.55619

9.2

9.2.55826

9.2.57169

9.3.57186

9.3.57474

9.3.57595

9.3.57709

9.3.57754

9.3.58670

9.4.58686

9.4.59197