What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository uvdesk/community-skeleton prior to 1.1.0.
CVE-2023-1197
MEDIUM
CVE-2023-1197: Cross-site Scripting (XSS) - Stored in uvdesk/community-skeleton
CVSS base score
4.3/10
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:L
Key dates
02Disclosure timeline
March 6, 2023
CVE published
March 6, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-51869 WordPress Gutenium Blocks plugin <= 1.1.7 - Cross Site Scripting (XSS) vulnerability
CVE-2024-4329 Thim Elementor Kit <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
CVE-2025-43802
CVE-2025-5844 Radius Blocks <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via subHeadingTagName Parameter
CVE-2025-53838 LinkAce has a Stored One Click XSS vulnerability
