LOW🇬🇧 English

CVE-2023-3035

CVSS 3.5v3.1pub. 2023-06-01upd. 2024-11-21

A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230467.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
  • Gougucms Pythagorean Oa Office System

    APP
    Gougucms
    ≤ 4.50.31
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2023-46393HIGH7.5ten sam vendor

gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to...

CVE-2023-46394MEDIUM5.4ten sam vendor

A stored cross-site scripting (XSS) vulnerability in /home/user/edit_submit of gougucms v4.08.18 allows attack...