CVE-2023-1107 MEDIUM

CVE-2023-1107: Cross-site Scripting (XSS) - Stored in flatpressblog/flatpress

Vendor Flatpressblog
Product flatpressblog/flatpress
Weakness CWE-79 · XSS
Published March 2, 2023
Last update March 7, 2025
View on NVD All CVEs

CVSS base score

6.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository flatpressblog/flatpress prior to 1.3.

Key dates

02Disclosure timeline

March 2, 2023 CVE published
March 7, 2025 Record updated