CVE Catalog

CVE-2023-3787

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.55%

42th percentile — higher than 42% of all known CVEs

Summary

A vulnerability was found in Codecanyon Tiva Events Calender 1.4 that allows cross site scripting attacks through manipulation of the argument name. The attack can be initiated remotely.

Risk Assessment

This vulnerability poses a risk of exploitation by malicious users to inject harmful code, potentially leading to data theft or session hijacking.

Recommendation

It is recommended to update to the latest version of Tiva Events Calender and monitor the application for unauthorized activities.

Original NVD description (English source)

A vulnerability classified as problematic was found in Codecanyon Tiva Events Calender 1.4. This vulnerability affects unknown code. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235054 is the identifier assigned to this vulnerability.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS