CVE-2023-47324

Published: Dec 13, 2023
Updated: May 9, 2024
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2023-47324" target="_blank" rel="noopener"> CVE-2023-47324
GHSA: <a href="https://github.com/advisories/GHSA-wgrw-fj3v-fhc5" target="_blank" rel="noopener"> GHSA-wgrw-fj3v-fhc5
Severity: Medium
Exploit:

Silverpeas Core 6.3.1 is vulnerable to Cross Site Scripting (XSS) via the message/notification feature.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
org.silverpeas.core / silverpeas-core-web	-	6.3.2
org.silverpeas.core / silverpeas-core-api	-	6.3.2
org.silverpeas.core / silverpeas-core-war	-	6.3.2
org.silverpeas.core / silverpeas-core-configuration	-	6.3.2
silverpeas / silverpeas	-	6.3.2

Vulnerability Database