CVE-2023-3293: Cross-site Scripting (XSS) - Stored in salesagility/suitecrm-core

7.6 CVSS

Description

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0.

Classification

CVE ID: CVE-2023-3293

CVSS Base Severity: HIGH

CVSS Base Score: 7.6

Affected Products

Vendor: salesagility

Product: salesagility/suitecrm-core

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.07% (probability of being exploited)

EPSS Percentile: 34.28% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://huntr.dev/bounties/22cb0ee3-e5da-40e0-9d2c-ace9b759f171
https://github.com/salesagility/suitecrm-core/commit/1f949f1ac2b7fe82f3c2c6071f842b804ba91929

Timeline