CVE Catalog

CVE-2023-3465

LowCVSS 3.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.43%

34th percentile — higher than 34% of all known CVEs

Summary

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8, affecting an unknown functionality of the file user.php of the HTTP POST Request Handler component. Manipulation of the argument title leads to cross-site scripting.

Risk Assessment

This vulnerability allows for remote attacks, potentially leading to user data theft or session hijacking.

Recommendation

It is recommended to upgrade the affected component to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

A vulnerability was found in SimplePHPscripts Classified Ads Script 1.8. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file user.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-232711.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS