What the vulnerability does
01Description
Cross-site Scripting (XSS) - Reflected in GitHub repository modoboa/modoboa prior to 2.0.5.
CVE-2023-0949
MEDIUM
CVE-2023-0949: Cross-site Scripting (XSS) - Reflected in modoboa/modoboa
CVSS base score
4.8/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
February 22, 2023
CVE published
March 12, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2023-30784 WordPress Kaya QR Code Generator Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)
CVE-2025-67710 Stored XSS vulnerability in ArcGIS Server
CVE-2024-11464 Easy Code Snippets <= 1.0.2 - Reflected Cross-Site Scripting
CVE-2023-2349 SourceCodester Service Provider Management System index.php cross site scripting
CVE-2025-34317 IPFire < v2.29 Stored XSS via DNS Creation (dns.cgi)
