CVE-2023-5556
MEDIUM NUCLEIstructurizr on-premises_installation < 3194 - Reflected Cross-Site Scripting
Title source: llmExploitation Summary
CVE-2023-5556 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Cross-site Scripting (XSS) - Reflected in GitHub repository structurizr/onpremises prior to 3194.
Nuclei Templates (1)
Structurizr on-premises - Cross Site Scripting
MEDIUMby shankaracharya
Shodan:
http.favicon.hash:1199592666
FOFA:
icon_hash=1199592666
References (2)
Core 2
Core References
Exploit, Patch, Third Party Advisory
https://huntr.dev/bounties/a3ee0f98-6898-41ae-b1bd-242a03a73d1b
Scores
CVSS v3
6.1
EPSS
0.0122
EPSS Percentile
64.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (1)
structurizr/on-premises_installation
< 3194
Published
Oct 12, 2023
Tracked Since
Feb 18, 2026