CVE-2023-26692

Exploit

EPSS 3.13%
Published 30.03.2023 20:15:07
Last modified 18.02.2025 19:15:11
Source cve@mitre.org
Teams watchlist Login
Open Login

ZCBS Zijper Collectie Beheer Systeem (ZCBS), Zijper Publication Management System (ZPBS), and Zijper Image Bank Management System (ZBBS) 4.14k is vulnerable to Cross Site Scripting (XSS).

Affected products Warnungen 0 Metrics 3 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Zcbs ≫ Zijper Publication Management System Version4.14k

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.13%	0.864

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

http://packetstormsecurity.com/files/171787/ZCBS-ZBBS-ZPBS-4.14k-Cross-Site-Scripting.html

https://github.com/bigzooooz/CVE-2023-26692#readme

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-26692

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-26692

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-26692

EUVD