CVE-2023-5564 MEDIUM

CVE-2023-5564: Cross-site Scripting (XSS) - Stored in froxlor/froxlor

Vendor Froxlor
Product froxlor/froxlor
Weakness CWE-79 · XSS
Published October 13, 2023
Last update September 17, 2024
View on NVD All CVEs

CVSS base score

5.2/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.

Key dates

02Disclosure timeline

October 13, 2023 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-45363 WordPress Betheme premium theme <= 26.6.1 - Auth. Stored Cross-Site Scripting (XSS) vulnerability CVE-2019-25088 ytti Oxidized Web conf_search.haml cross site scripting CVE-2022-43578 IBM Sterling B2B Integrator Standard Edition cross-site scripting CVE-2025-62060 WordPress Tab Ultimate plugin <= 1.8 - Cross Site Scripting (XSS) vulnerability CVE-2025-12289 Sui Shang Information Technology Suishang Enterprise-Level B2B2C Multi-User Mall System 1001 cross site scripting