CVE-2023-49852

{"id": "CVE-2023-49852", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2024-06-04T12:15:10.153", "references": [{"url": "https://patchstack.com/database/vulnerability/responsive-slick-slider/wordpress-responsive-slick-slider-wordpress-plugin-1-4-content-injection-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Vsourz Digital Responsive Slick Slider WordPress allows Code Injection.This issue affects Responsive Slick Slider WordPress: from n/a through 1.4."}, {"lang": "es", "value": "La neutralizaci\u00f3n inadecuada de etiquetas HTML relacionadas con scripts en una vulnerabilidad de p\u00e1gina web (XSS b\u00e1sico) en Vsourz Digital Responsive Slick Slider WordPress permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a Responsive Slick Slider WordPress: desde n/a hasta 1.4."}], "lastModified": "2024-06-04T16:57:41.053", "sourceIdentifier": "audit@patchstack.com"}