CVE-2023-5351 — Vulnetix

CVE-2023-5351 PUBLISHED CVSS 8.899999618530273 HIGH

Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.

EPSS 0.13% · 31.4th percentile

Risk Scores

CVSS 3.0

8.899999618530273

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L

EPSS Score

0.13%

31.4th percentile

Affected Products

Vendor	Product	Versions
salesagility	suitecrm	0, 0
salesagility	salesagility/suitecrm	unspecified, unspecified

Exploit Intelligence

CIRCL seen: CVE-2023-5351 (circl-sighting)
https://huntr.dev/bounties/f7c7fcbc-5421-4a29-9385-346a1caa485b (nist-nvd)
https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa (circl)

Timeline

Jan 21, 1970 Security Advisory
Oct 3, 2023 CVE Published
Oct 3, 2023 PoC Published
Oct 4, 2023 EPSS Score
Nov 5, 2023 EPSS Score
Dec 6, 2023 EPSS Score
Jan 7, 2024 EPSS Score
Feb 8, 2024 EPSS Score
Mar 10, 2024 EPSS Score
Apr 11, 2024 EPSS Score
May 13, 2024 EPSS Score
Jun 13, 2024 EPSS Score

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›