Cross-site Scripting (XSS) - Reflected in phpipam/phpipam
CVE-2023-0676

6.1MEDIUM

Key Information:

Vendor: PHPipam
Status: PHPipam/PHPipam
Vendor: CVE Published:; 4 February 2023

🔔 Create PHPipam Vulnerability Alert

What is CVE-2023-0676?

Cross-site Scripting (XSS) - Reflected in GitHub repository phpipam/phpipam prior to 1.5.1.

Affected Version(s)

phpipam/phpipam < 1.5.1

References

https://huntr.dev/bounties/b72d4f0c-8a96-4b40-a031-7d469c...

https://github.com/phpipam/phpipam/commit/94ec73ff1d33926...

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

CVSS V3.0

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 4, 2023
Vulnerability Reserved
Feb 4, 2023