Vulnerability Description
The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter.
CVSS Score
5.4
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Morosystems | Easymind | < 2.15.0 |
Related Weaknesses (CWE)
References
- https://marketplace.atlassian.com/apps/1211267/easymind-mind-maps-for-confluenceRelease Notes
- https://y-security.de/news-en/easymind-cross-site-scripting-cve-2023-30452/indexThird Party Advisory
- https://marketplace.atlassian.com/apps/1211267/easymind-mind-maps-for-confluenceRelease Notes
- https://y-security.de/news-en/easymind-cross-site-scripting-cve-2023-30452/indexThird Party Advisory
FAQ
What is CVE-2023-30452?
CVE-2023-30452 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The MoroSystems EasyMind - Mind Maps plugin before 2.15.0 for Confluence allows persistent XSS when saving a Mind Map with the hyperlink parameter.
How severe is CVE-2023-30452?
CVE-2023-30452 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-30452?
Check the references section above for vendor advisories and patch information. Affected products include: Morosystems Easymind.