CVE-2023-1892 HIGH

CVE-2023-1892: Cross-site Scripting (XSS) - Reflected in sidekiq/sidekiq

Vendor Sidekiq
Product sidekiq/sidekiq
Weakness CWE-79 · XSS
Published April 5, 2023
Last update February 10, 2025
View on NVD All CVEs

CVSS base score

8.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Reflected in GitHub repository sidekiq/sidekiq prior to 7.0.8.

Key dates

02Disclosure timeline

April 5, 2023 CVE published
February 10, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-13350 SearchIQ – The Search Solution <= 4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-51852 WordPress Dynamic Post Grid Elementor Addon plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability CVE-2021-24343 iFlyChat – WordPress Chat < 4.7.0 - Admin+ Stored Cross-Site Scripting (XSS) CVE-2023-32503 WordPress GTmetrix for WordPress Plugin <= 0.4.6 is vulnerable to Cross Site Scripting (XSS) CVE-2024-8728 Easy Load More <= 1.0.3 - Reflected Cross-Site Scripting