CVE-2023-2191 LOW

CVE-2023-2191: Cross-site Scripting (XSS) - Stored in azuracast/azuracast

Vendor Azuracast
Product azuracast/azuracast
Weakness CWE-79 · XSS
Published April 20, 2023
Last update February 5, 2025
View on NVD All CVEs

CVSS base score

3.5/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository azuracast/azuracast prior to 0.18.

Key dates

02Disclosure timeline

April 20, 2023 CVE published
February 5, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-24626 WordPress Logo Slider plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability CVE-2023-6497 WordPress Simple Shopping Cart <= 4.7.1 - Authenticated(Administrator+) Stored Cross-Site Scripting CVE-2026-30812 Stored Cross-Site Scripting in Event Comments via Filter Bypass CVE-2025-10552 Stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x CVE-2023-41791 Lack of Authorization and Stored XSS Via Translation Abuse