CVE-2023-3021 MEDIUM

CVE-2023-3021: Cross-site Scripting (XSS) - Stored in mkucej/i-librarian-free

Vendor Mkucej
Product mkucej/i-librarian-free
Weakness CWE-79 · XSS
Published May 31, 2023
Last update January 9, 2025
View on NVD All CVEs

CVSS base score

4.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4.

Key dates

02Disclosure timeline

May 31, 2023 CVE published
January 9, 2025 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-37199 WordPress Enfold theme <= 5.6.9 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2024-2958 SVS Pricing Tables <= 1.0.4 - Authenticated (Admin+) Stored Cross-Site Scripting CVE-2023-6473 SourceCodester Online Quiz System take-quiz.php cross site scripting CVE-2023-51730 Stored Cross Site Scripting Vulnerability in Skyworth Router CVE-2024-4398 HTML5 Audio Player- Best WordPress Audio Player Plugin <= 2.2.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets