CVE-2023-23637

CVSS V2 None CVSS V3 None
Description
IMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health Information.
Overview
  • CVE ID
  • CVE-2023-23637
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-17T21:15:17
  • Last Modified Date
  • 2023-01-25T02:29:20
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:unistra:impatient:*:*:*:*:*:*:*:* 1 OR 1.5.2
History
Created Old Value New Value Data Type Notes
2023-01-17 22:18:10 Added to TrackCVE
2023-01-17 23:14:29 2023-01-17T23:01:04 CVE Modified Date updated
2023-01-17 23:14:29 Received Awaiting Analysis Vulnerability Status updated
2023-01-23 21:13:20 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-25 03:16:16 2023-01-25T02:29:20 CVE Modified Date updated
2023-01-25 03:16:16 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-25 03:16:17 Weakness Enumeration new
2023-01-25 03:16:19 CPE Information updated