CVE-2023-3785
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
A vulnerability was found in PaulPrinting CMS 2018, rated as problematic. Manipulation of the arguments firstname/lastname/address/city/state leads to cross-site scripting attacks.
Risk Assessment
An attacker can remotely exploit this vulnerability, posing a risk of session hijacking or data theft.
Recommendation
It is recommended to update to the latest version of PaulPrinting CMS and implement input data filtering to minimize the risk of XSS attacks.
Original NVD description (English source)
A vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235052.

