Reflected XSS Vulnerability in Basix NEX-Forms - Ultimate Form Builder
CVE-2024-47389
7.1HIGH
Key Information
- Vendor
- Basix
- Status
- Nex-forms – Ultimate Form Builder
- Vendor
- CVE Published:
- 5 October 2024
Summary
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Reflected XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.7.3.
Affected Version(s)
NEX-Forms – Ultimate Form Builder <= 8.7.3
CVSS V3.1
Score:
7.1
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published.
Vulnerability Reserved.
Collectors
NVD DatabaseMitre Database
Credit
Le Ngoc Anh (Patchstack Alliance)