CVE-2023-50639

MEDIUM

CuteHttpFileServer 1.0 and 2.0 - Cross-Site Scripting via File Upload Function

Title source: llm
STIX 2.1

Description

Cross Site Scripting (XSS) vulnerability in CuteHttpFileServer v.1.0 and v.2.0 allows attackers to obtain sensitive information via the file upload function in the home page.

Scores

CVSS v3 5.4
EPSS 0.0037
EPSS Percentile 29.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
iscute/cute_http_file_server 1.0
iscute/cute_http_file_server 2.0
Published Dec 20, 2023
Tracked Since Feb 18, 2026