CVE-2023-3563
LowCVSS 3.5Exploitation Probability (EPSS)
Low risk35th percentile — higher than 35% of all known CVEs
Summary
A vulnerability was found in GZ E Learning Platform version 1.8, affecting some unknown processing of the URL Parameter Handler component. Manipulation of this component leads to cross site scripting attacks.
Risk Assessment
An attacker may remotely exploit this vulnerability, posing a risk of session hijacking or data theft.
Recommendation
It is recommended to update the GZ E Learning Platform to the latest version to mitigate this vulnerability and implement additional protections against XSS attacks.
Original NVD description (English source)
A vulnerability was found in GZ Scripts GZ E Learning Platform 1.8 and classified as problematic. This issue affects some unknown processing of the component URL Parameter Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-233357 was assigned to this vulnerability.

