Vulnerability Database

296,293

Total vulnerabilities in the database

CVE-2023-27641

The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL.

  • Published: Mar 5, 2023
  • Updated: Apr 14, 2023
  • CVE: CVE-2023-27641
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.1
  • AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
lsoft / listserv - 17.0