CVSS 3.1 Score 3.1 of 10 (low)


Published Oct 4, 2023
Updated: Feb 1, 2024


CVE-2023-44389 is a vulnerability in Zope, an open-source web application server. It affects all versions of Zope 4 and Zope 5. The vulnerability allows script code to be stored in the title property of Zope objects, which can be executed when viewing the affected object in the Zope Management Interface (ZMI). Patches will be released with Zope versions 4.8.11 and 5.8.6 to remediate this issue. The vulnerability has a low base severity score of 3.1 and requires high privileges and user interaction for exploitation. It has a network attack vector and low impact on integrity and confidentiality.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-44389 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options