Vulnerability Description
A cross-site scripting (XSS) vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the first and last name field.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| User Registration \& Login And User Management System With Admin Panel Project | User Registration \& Login And User Management System With Admin Panel | 3.0 |
Related Weaknesses (CWE)
References
- https://medium.com/%40ridheshgohil1092/my-first-cve-2023-27225-f232650f6cde
- https://packetstormsecurity.comThird Party AdvisoryVDB Entry
- https://medium.com/%40ridheshgohil1092/my-first-cve-2023-27225-f232650f6cde
- https://packetstormsecurity.comThird Party AdvisoryVDB Entry
FAQ
What is CVE-2023-27225?
CVE-2023-27225 is a vulnerability with a CVSS score of 5.4 (MEDIUM). A cross-site scripting (XSS) vulnerability in User Registration & Login and User Management System with Admin Panel v3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload i...
How severe is CVE-2023-27225?
CVE-2023-27225 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-27225?
Check the references section above for vendor advisories and patch information. Affected products include: User Registration \& Login And User Management System With Admin Panel Project User Registration \& Login And User Management System With Admin Panel.