SecuriTricks - CVE-2023-23989

Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metagauss RegistrationMagic.This issue affects RegistrationMagic: from n/a through 5.1.9.2.

Product(s) Impacted

Product	Versions
RegistrationMagic	n/a 5.1.9.2
RegistrationMagic	n/a - 5.1.9.2

Weaknesses

References

https://patchstack.com/database/vulnerability/custom-registration-form-builder-with-submission-manager/wordpress-registrationmagic-custom-registration-forms-user-registration-and-user-login-plugin-plugin-5-1-9-2-content-injection?_s_id=cve

CVSS Score

5.3 / 10

CVSS Data

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: LOW

View Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Date

Published: April 24, 2024, 3:15 p.m.
Last Modified: April 24, 2024, 5:16 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

audit@patchstack.com

CVE-2023-23989