CVE-2023-1683 MEDIUM

CVE-2023-1683: Xunrui CMS system_log.html information disclosure

Vendor Xunrui

Product CMS

Weakness CWE-200 · Info exposure

Published March 29, 2023

Last update August 2, 2024

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality Low

Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

What the vulnerability does

01Description

A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.

Key dates

02Disclosure timeline

March 29, 2023 CVE published

August 2, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1683

Related vulnerabilities

04Related CVE

CVE-2021-24948 The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure CVE-2026-30852 Caddy: vars_regexp double-expands user input, leaking env vars and files CVE-2024-10352 Magical Addons For Elementor <= 1.2.4 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Template CVE-2017-7520 CVE-2024-13042 Tsinghua Unigroup Electronic Archives Management System download.html download information disclosure