PT-2023-22149 · Muffingroup · Muffingroup Betheme

Rafie Muhammad

Published

2023-05-10

Updated

2023-05-16

CVE-2023-29101

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Muffingroup Betheme theme versions prior to 26.7.5

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker could potentially inject malicious scripts into the website, which would then be executed by the user's browser. However, no specific details about API endpoints, vulnerable parameters, or function names are provided.

Recommendations For versions prior to 26.7.5, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-29101

Affected Products

Muffingroup Betheme

PT-2023-22149 · Muffingroup · Muffingroup Betheme

CVE-2023-29101

Weakness Enumeration

Related Identifiers

Affected Products

References · 3