CVE-2023-3559 in PHP GZ Appointment Scheduling Scriptinformação

Sumário

de MITRE • 10/07/2023

A vulnerability classified as problematic was found in GZ Scripts PHP GZ Appointment Scheduling Script 1.8. Affected by this vulnerability is an unknown functionality of the file /load.php. The manipulation of the argument first_name/second_name/phone/address_1/country leads to cross site scripting. The attack can be launched remotely. The identifier VDB-233353 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulDB

Reservar

08/07/2023

Divulgação

10/07/2023

Moderação

aceite

Entrada

VDB-233353

CPE

pronto

CWE

CWE-79 (confirmado)

CVSS

6.1 (NVD)

EPSS

0.00283

KEV

não

Atividades

muito baixo

Sector

Finance, Agriculture, ...

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-3559
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-3559
CVE Details	https://www.cvedetails.com/cve/CVE-2023-3559/

◂ Voltar Visão Geral Próximo ▸

Interested in the pricing of exploits?

See the underground prices here!