CVE-2023-2102

CVSS V2 None CVSS V3 None

Description

Cross-site Scripting (XSS) - Stored in GitHub repository alextselegidis/easyappointments prior to 1.5.0.

Overview

CVE ID
CVE-2023-2102

Assigner
security@huntr.dev

Vulnerability Status
Analyzed

Published Version
2023-04-15T13:15:45

Last Modified Date
2023-04-24T18:59:54

Weakness Enumerations

CWE	URL
CWE-79	http://cwe.mitre.org/data/definitions/79.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:easyappointments:easyappointments::::::::	1	OR		1.5.0

References

Reference URL	Reference Tags
https://github.com/alextselegidis/easyappointments/commit/bddc5cbeb7ff237a72943b304dcb01c653781767
https://huntr.dev/bounties/dd7c04a7-a984-4387-9ac4-24596e7ece44

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-2102
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2102

History

Created	Old Value	New Value	Data Type	Notes
2023-04-17 04:46:49				Added to TrackCVE
2023-04-17 04:46:52			Weakness Enumeration	new
2023-04-17 14:01:07		2023-04-17T13:12:43	CVE Modified Date	updated
2023-04-17 14:01:07	Received	Awaiting Analysis	Vulnerability Status	updated
2023-04-17 14:01:13			CVSS V3 information	new
2023-04-19 12:01:03	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-04-19 12:01:08			CVSS V3 information	new
2023-04-24 19:01:19		2023-04-24T18:59:54	CVE Modified Date	updated
2023-04-24 19:01:20	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-04-24 19:01:25			CPE Information	updated
2023-04-24 19:01:26			CVSS V3 information	new