CVE-2023-0287

LOW

Ityouknow favorites-web - XSS

Title source: llm

Description

A vulnerability was found in ityouknow favorites-web. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Comment Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-218294 is the identifier assigned to this vulnerability.

Exploits (1)

gitee 442 stars

by ityouknow · javawriteup

https://gitee.com/ityouknow/favorites-web/issues/I684L9

References (3)

[Exploit, Issue Tracking, Third Party Advisory] https://gitee.com/ityouknow/favorites-web/issues/I684L9

[Third Party Advisory] https://vuldb.com/?ctiid.218294

[Third Party Advisory] https://vuldb.com/?id.218294

Scores

CVSS v3 3.5

EPSS 0.0040

EPSS Percentile 60.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE

CWE-79

Status published

Products (1)

favorites-web_project/favorites-web

Published Jan 13, 2023

Tracked Since Feb 18, 2026