Vulnerability Description
KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kodcloud | Kodexplorer | 4.51 |
Related Weaknesses (CWE)
References
- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/KodExplorer4.51Exploit (Third Party Advisory)
- https://github.com/kalcaddle/KodExplorer (Product)
- https://www.chtsecurity.com/news/13a86b33-7e49-4167-9682-7ff3f51cbcba%20
- https://www.chtsecurity.com/news/55f0a781-f7bf-4b2f-b2cc-7957fdf846da
FAQ
What is CVE-2023-37153?
CVE-2023-37153 is a vulnerability with a CVSS score of 6.1 (MEDIUM). KodExplorer 4.51 contains a Cross-Site Scripting (XSS) vulnerability in the Description box of the Light App creation feature. An attacker can exploit this vulnerability by injecting XSS syntax into the Description field.
How severe is CVE-2023-37153?
CVE-2023-37153 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2023-37153?
Check the references section above for vendor advisories and patch information. Affected products include: Kodcloud Kodexplorer.