VDB
CVE-2023-45683
CVE-2023-45683
PUBLISHED
CVSS 7.099999904632568 HIGH
Cross-site Scripting via missing Binding syntax validation
EPSS 0.29% · 52.3th percentile
Risk Scores
CVSS 3.1
7.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
EPSS Score
0.29%
52.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| saml_project | saml | 0, 0 |
| crewjam | saml | < 0.4.14, < 0.4.14 |
| github.com | crewjam/saml | 0, 0 |
Exploit Intelligence
- CIRCL published-proof-of-concept: CVE-2023-45683 (circl-sighting)
- CIRCL seen: CVE-2023-45683 (circl-sighting)
- CIRCL published-proof-of-concept: CVE-2023-45683 (circl-sighting)
- https://github.com/crewjam/saml/security/advisories/GHSA-267v-3v32-g6q5 (circl)
- https://github.com/crewjam/saml/commit/b07b16cf83c4171d16da4d85608cb827f183cd79 (circl)
Timeline
- Oct 16, 2023 CVE Published
- Oct 16, 2023 PoC Published
- Oct 17, 2023 EPSS Score
- Oct 20, 2023 CVE Updated
- Nov 16, 2023 PoC Published
- Nov 17, 2023 EPSS Score
- Dec 18, 2023 EPSS Score
- Jan 19, 2024 EPSS Score
- Feb 19, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
- May 23, 2024 EPSS Score
- Jun 23, 2024 EPSS Score