nvd-json-data-feeds/CVE-2023/CVE-2023-53xx/CVE-2023-5378.json

{
  "id": "CVE-2023-5378",
  "sourceIdentifier": "cvd@cert.pl",
  "published": "2024-01-29T12:15:07.860",
  "lastModified": "2024-01-29T12:15:07.860",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Input Validation vulnerability in  MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2 (newer versions were not tested; the vendor has not confirmed fixing the vulnerability). \n\n\n"
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cvd@cert.pl",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cvd@cert.pl",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://cert.pl/en/posts/2023/12/CVE-2023-5378",
      "source": "cvd@cert.pl"
    },
    {
      "url": "https://cert.pl/posts/2023/12/CVE-2023-5378",
      "source": "cvd@cert.pl"
    },
    {
      "url": "https://megabip.pl/",
      "source": "cvd@cert.pl"
    },
    {
      "url": "https://smod.pl/",
      "source": "cvd@cert.pl"
    }
  ]
}
Auto-Update: 2024-01-29T13:00:25.035188+00:00 2024-01-29 13:00:28 +00:00			`{`
			`"id": "CVE-2023-5378",`
			`"sourceIdentifier": "cvd@cert.pl",`
			`"published": "2024-01-29T12:15:07.860",`
			`"lastModified": "2024-01-29T12:15:07.860",`
			`"vulnStatus": "Received",`
			`"descriptions": [`
			`{`
			`"lang": "en",`
			`"value": "Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS.This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2 (newer versions were not tested; the vendor has not confirmed fixing the vulnerability). \n\n\n"`
			`}`
			`],`
			`"metrics": {`
			`"cvssMetricV31": [`
			`{`
			`"source": "cvd@cert.pl",`
			`"type": "Secondary",`
			`"cvssData": {`
			`"version": "3.1",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",`
			`"attackVector": "NETWORK",`
			`"attackComplexity": "LOW",`
			`"privilegesRequired": "NONE",`
			`"userInteraction": "REQUIRED",`
			`"scope": "UNCHANGED",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 8.8,`
			`"baseSeverity": "HIGH"`
			`},`
			`"exploitabilityScore": 2.8,`
			`"impactScore": 5.9`
			`}`
			`]`
			`},`
			`"weaknesses": [`
			`{`
			`"source": "cvd@cert.pl",`
			`"type": "Secondary",`
			`"description": [`
			`{`
			`"lang": "en",`
			`"value": "CWE-20"`
			`}`
			`]`
			`}`
			`],`
			`"references": [`
			`{`
			`"url": "https://cert.pl/en/posts/2023/12/CVE-2023-5378",`
			`"source": "cvd@cert.pl"`
			`},`
			`{`
			`"url": "https://cert.pl/posts/2023/12/CVE-2023-5378",`
			`"source": "cvd@cert.pl"`
			`},`
			`{`
			`"url": "https://megabip.pl/",`
			`"source": "cvd@cert.pl"`
			`},`
			`{`
			`"url": "https://smod.pl/",`
			`"source": "cvd@cert.pl"`
			`}`
			`]`
			`}`