What the vulnerability does
01Description
A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code.
CVE-2023-3588
MEDIUM
CVE-2023-3588: Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x
CVSS base score
5.4/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Key dates
02Disclosure timeline
September 13, 2023
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2020-3355 Cisco Data Center Network Manager Stored Cross-Site Scripting Vulnerability
CVE-2020-9741 Stored XSS in AEM Forms Components
CVE-2023-49573 XSS vulnerability in VX Search Enterprise
CVE-2025-47054 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
CVE-2025-47035 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)
