CVE Catalog

CVE-2023-3785

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.54%

41th percentile — higher than 41% of all known CVEs

Summary

A vulnerability was found in PaulPrinting CMS 2018, rated as problematic. Manipulation of the arguments firstname/lastname/address/city/state leads to cross-site scripting attacks.

Risk Assessment

An attacker can remotely exploit this vulnerability, posing a risk of session hijacking or data theft.

Recommendation

It is recommended to update to the latest version of PaulPrinting CMS and implement input data filtering to minimize the risk of XSS attacks.

Original NVD description (English source)

A vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235052.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS