CVE-2023-4115 MEDIUM

CVE-2023-4115: PHP Jabbers Cleaning Business index.php cross site scripting

Vendor Php Jabbers
Product Cleaning Business
Weakness CWE-79 · XSS
Published August 3, 2023
Last update November 21, 2024
View on NVD All CVEs

CVSS base score

4.3/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

A vulnerability classified as problematic has been found in PHP Jabbers Cleaning Business 1.0. Affected is an unknown function of the file /index.php. The manipulation of the argument index leads to cross site scripting. It is possible to launch the attack remotely. VDB-235962 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

August 3, 2023 CVE published
November 21, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-67542 WordPress Multi-Step Checkout for WooCommerce plugin <= 2.33 - Cross Site Scripting (XSS) vulnerability CVE-2025-46459 WordPress Confirm User Registration plugin <= 2.1.5 - Cross Site Scripting (XSS) Vulnerability CVE-2022-34853 WordPress Team plugin <= 1.2.6 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities CVE-2024-33951 WordPress Perfect Pullquotes plugin <= 1.7.5 - Cross Site Scripting (XSS) vulnerability CVE-2024-56257 WordPress Coins MarketCap plugin <= 5.5.8 - Cross Site Scripting (XSS) vulnerability