Cross Site Scripting Vulnerability in Admidio by Admidio
CVE-2023-47380

6.1MEDIUM

Key Information:

Vendor

Admidio

Status
Admidio
Vendor
CVE Published:
22 November 2023

What is CVE-2023-47380?

Admidio versions up to 4.2.12 are susceptible to a Cross Site Scripting (XSS) vulnerability, allowing attackers to inject malicious scripts into web pages viewed by other users. This can lead to unauthorized actions and sensitive data exposure. Proper validation and sanitization of user inputs are critical to mitigate this vulnerability. It is recommended to update to Admidio version 4.2.13 or later to protect against these security risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.getastra.com/blog/security-audit/reflected-xs...
https://www.admidio.org/intern/adm_program/modules/announ...
https://github.com/Admidio/admidio/releases/tag/v4.2.13

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.