CVE-2023-47379
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
Microweber Cross-site Scripting vulnerability
Predictions
Exploit likelihood
30%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | microweber/microweber | <2.0.3 | 2.0.3 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2023-47379
- https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a
- https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00
- https://github.com/microweber/microweber
- https://github.com/microweber/microweber/blob/master/CHANGELOG.md
- https://www.getastra.com/blog/security-audit/stored-xss-vulnerability
Verify integrity in audit chain (admin only). AS-IS.