CVE-2023-38482

CVSS 3.1 Score 5.9 of 10 (medium)

Details

Published Sep 3, 2023
Updated: Sep 8, 2023
CWE ID 79

Summary

CVE-2023-38482 is a stored cross-site scripting (XSS) vulnerability in the QualityUnit Post Affiliate Pro plugin, affecting versions <= 1.25.0. This vulnerability has a risk score of 25 and a base severity of MEDIUM. It requires high privileges and user interaction to exploit, with an attack vector through the network. The potential impact includes low integrity and confidentiality impacts, with a low availability impact. The CVE ID indicates that this vulnerability falls under CWE-79, which refers to improper neutralization of input during web page generation (cross-site scripting). No further analysis or remediation steps are provided in the information available.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-38482 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options