CVE-2023-0306

CRITICAL Year: 2023
CVSS v3 Score
9.1
Critical
Weakness Type
CWE-79
View all →

Vulnerability Description

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.

Related Vulnerabilities

CVE-2022-1380

CRITICAL
CVSS:9.1(Critical)

Stored Cross Site Scripting vulnerability in Item name parameter in GitHub repository snipe/snipe-it prior to v5.4.3. The vulnerability is capable of stolen the user Cookie.

CWE-792022

CVE-2022-2217

CRITICAL
CVSS:9.1(Critical)

Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.

CWE-792022

CVE-2022-2218

CRITICAL
CVSS:9.1(Critical)

Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.

CWE-792022

CVE-2023-48082

CRITICAL
CVSS:9.1(Critical)

Nagios XI before 2024R1 was discovered to improperly handle API keys generation (randomly-generated), allowing attackers to possibly generate the same set of API keys for all users and utilize them to...

CWE-792023

CVE-2023-50808

CRITICAL
CVSS:9.1(Critical)

Zimbra Collaboration before Kepler 9.0.0 Patch 38 GA allows DOM-based JavaScript injection in the Modern UI.

CWE-792023

CVE-2023-5316

CRITICAL
CVSS:9.1(Critical)

Cross-site Scripting (XSS) - DOM in GitHub repository thorsten/phpmyfaq prior to 3.1.18.

CWE-792023