CVE-2023-49489

MEDIUM NUCLEI

Kodcloud Kodexplorer - XSS

Title source: rule

Description

Reflective Cross Site Scripting (XSS) vulnerability in KodExplorer version 4.51, allows attackers to obtain sensitive information and escalate privileges via the APP_HOST parameter at config/i18n/en/main.php.

Nuclei Templates (1)

KodeExplorer 4.51 - Reflective Cross Site Scripting (XSS)
MEDIUMby DhiyaneshDk
FOFA: app="powered-by-kodexplorer"

References (1)

Scores

CVSS v3 6.1
EPSS 0.0093
EPSS Percentile 76.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (1)
kodcloud/kodexplorer 4.51
Published Dec 19, 2023
Tracked Since Feb 18, 2026