What the vulnerability does
01Description
Cross-site Scripting (XSS) - Stored in GitHub repository omeka/omeka-s prior to 4.0.3.
CVE-2023-4158
MEDIUM
CVE-2023-4158: Cross-site Scripting (XSS) - Stored in omeka/omeka-s
CVSS base score
6.4/10
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:L
Key dates
02Disclosure timeline
August 4, 2023
CVE published
October 9, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-25096 WordPress RSS in Page plugin <= 2.9.1 - Stored Cross Site Scripting (XSS) vulnerability
CVE-2025-47929 DumbDrop vulnerable to DOM XSS via file upload
CVE-2024-27188 WordPress Breeze plugin <= 2.1.3 - Cross Site Scripting (XSS) vulnerability
CVE-2024-32575 WordPress Mega Elements plugin <= 1.1.9 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23753 WordPress DN Sitemap Control plugin <= 1.0.6 - Reflected Cross Site Scripting (XSS) vulnerability
