How severe is CVE-2023-25840?

This vulnerability has a severity rating of LOW with a CVSS score of 3.4 out of 10.

What type of vulnerability is CVE-2023-25840?

This is classified as CWE-79, which is a common weakness in software security.

CVE-2023-25840

LOW Year: 2023

CVSS v3 Score

3.4

Low

Weakness Type

CWE-79

View all →

Vulnerability Description

There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 11.1 and below that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this attack are high.

CVE-2022-4067

LOW

CVSS:3.4(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.

CWE-792022

CVE-2022-4069

LOW

CVSS:3.4(Low)

Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.

CWE-792022

CVE-2023-1237

LOW

CVSS:3.4(Low)

Cross-site Scripting (XSS) - Stored in GitHub repository answerdev/answer prior to 1.0.6.

CWE-792023

CVE-2023-36016

LOW

CVSS:3.4(Low)

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CWE-792023

CVE-2024-2171

LOW

CVSS:3.4(Low)

A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the 'logo_url' field. By injecting malicious payloads into this field, an attacke...

CWE-792024

CVE-2024-3166

LOW

CVSS:3.4(Low)

A Cross-Site Scripting (XSS) vulnerability exists in mintplex-labs/anything-llm, affecting both the desktop application version 1.2.0 and the latest version of the web application. The vulnerability a...

CWE-792024

CVE-2023-25840

Vulnerability Description

Related Vulnerabilities

CVE-2022-4067

CVE-2022-4069

CVE-2023-1237

CVE-2023-36016

CVE-2024-2171

CVE-2024-3166