Vulnerability Description
Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. A precise range of vulnerable versions remains unknown.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Megabip | Megabip | <= 4.36.2 |
| Smod | Smodbip | <= 2.21 |
Related Weaknesses (CWE)
References
- https://cert.pl/en/posts/2023/12/CVE-2023-5378Third Party Advisory
- https://cert.pl/posts/2023/12/CVE-2023-5378Third Party Advisory
- https://megabip.pl/Product
- https://smod.pl/Product
- https://cert.pl/en/posts/2023/12/CVE-2023-5378Third Party Advisory
- https://cert.pl/posts/2023/12/CVE-2023-5378Third Party Advisory
- https://megabip.pl/Product
- https://smod.pl/Product
FAQ
What is CVE-2023-5378?
CVE-2023-5378 is a vulnerability with a CVSS score of 8.8 (HIGH). Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. Mega...
How severe is CVE-2023-5378?
CVE-2023-5378 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-5378?
Check the references section above for vendor advisories and patch information. Affected products include: Megabip Megabip, Smod Smodbip.