CVE-2023-1726 MEDIUM

CVE-2023-1726: XSS in Proliz OBS

Vendor Proliz

Product OBS

Weakness CWE-79 · XSS

Published April 7, 2023

Last update May 22, 2026

View on NVD All CVEs

CVSS base score

5.4/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction Required

Confidentiality Low

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Proliz OBS allows Stored XSS for an authenticated user. This issue affects OBS: before 23.04.01.

Key dates

02Disclosure timeline

April 7, 2023 CVE published

May 22, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2023-1726 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-35719 WordPress RestroPress plugin <= 3.1.2.1 - Cross Site Scripting (XSS) vulnerability CVE-2025-49951 WordPress gAppointments Plugin <= 1.14.1 - Cross Site Scripting (XSS) Vulnerability CVE-2013-10010 zerochplus thread.res.pl PrintResList cross site scripting CVE-2025-47589 WordPress Ebook Store plugin <= 5.8009 - Cross Site Scripting (XSS) Vulnerability CVE-2026-32774 Vulnogram - Stored Cross-Site Scripting via Comment Hypertext