GHSA-3x3w-849q-423v

Suggest an improvement
Source
https://github.com/advisories/GHSA-3x3w-849q-423v
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/12/GHSA-3x3w-849q-423v/GHSA-3x3w-849q-423v.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-3x3w-849q-423v
Aliases
  • CVE-2023-6886
Published
2023-12-17T03:30:19Z
Modified
2024-01-02T06:11:35.876927Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
Xnx3 Wangmarket Cross-Site Scripting vulnerability
Details

A vulnerability was found in xnx3 wangmarket 6.1. It has been rated as critical. Affected by this issue is some unknown functionality of the component Role Management Page. The manipulation leads to code injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-248246 is the identifier assigned to this vulnerability.

Database specific
{
    "nvd_published_at": "2023-12-17T01:15:27Z",
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-12-21T18:24:46Z"
}
References

Affected packages

Maven / com.xnx3.wangmarket:wangmarket

Package

Name
com.xnx3.wangmarket:wangmarket
View open source insights on deps.dev
Purl
pkg:maven/com.xnx3.wangmarket/wangmarket

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
6.1.0

Affected versions

5.*

5.3
5.4
5.6.12
5.6.17