CVE-2023-3035

LOW

Guangdong Pythagorean OA Office System <4.50.31 - XSS

Title source: llm

Description

A vulnerability has been found in Guangdong Pythagorean OA Office System up to 4.50.31 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Schedule Handler. The manipulation of the argument description leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-230467.

Exploits (1)

gitee 3,351 stars
by gougufree · phpwriteup
https://gitee.com/gouguopen/office/issues/I74ZPU

References (3)

Scores

CVSS v3 3.5
EPSS 0.0009
EPSS Percentile 25.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
gougucms/pythagorean_oa_office_system < 4.50.31
Published Jun 01, 2023
Tracked Since Feb 18, 2026