CVE-2023-3683

Name of the Vulnerable Software and Affected Versions LivelyWorks Articart version 2.0.1

Description A vulnerability has been found in LivelyWorks Articart, affecting an unknown functionality of the file "/items/search". The manipulation of the search term argument leads to cross-site scripting. The attack can be launched remotely. The vendor was contacted early about this disclosure but did not respond.

Recommendations For version 2.0.1, as a temporary workaround, consider restricting access to the "/items/search" endpoint until a patch is available. Avoid using the search term argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.