Vulnerability Description
QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can exploit the vulnerability to execute persistent cross-site scripting attacks, potentially leading to session hijacking and application module manipulation.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://apps.apple.com/us/app/qwe/id935520103
- https://www.vulncheck.com/advisories/qwe-dl-persistent-xss-vulnerability-via-pat
- https://www.vulnerability-lab.com/get_content.php?id=2326
FAQ
What is CVE-2023-54343?
CVE-2023-54343 is a vulnerability with a CVSS score of 6.4 (MEDIUM). QWE DL 2.0.1 mobile web application contains a persistent input validation vulnerability allowing remote attackers to inject malicious script code through path parameter manipulation. Attackers can ex...
How severe is CVE-2023-54343?
CVE-2023-54343 has been rated MEDIUM with a CVSS base score of 6.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-54343?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.