CVE-2023-23949

Medium

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

symantec·CWE-79·Published 2023-01-24

CVSS

5.4

EPSS

0.01

KEV

Exploits

cve.orgen

112 chars

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

NVDen

112 chars

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

NVDes

122 chars

Un usuario autenticado puede proporcionar código HTML y JavaScript malicioso que se ejecutará en el navegador del cliente.

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
3.1	Primary	cve.org	8.1	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N