PT-2023-25724 · Unknown · Nesote Inout Search Engine Ai Edition
Skalvin
·
Published
2023-07-16
·
Updated
2024-05-17
·
CVE-2023-3685
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Nesote Inout Search Engine AI Edition version 1.1
Description
A problematic issue has been found in the software, affecting an unknown part of the file /index.php. The manipulation of the
page argument leads to cross-site scripting. It is possible to initiate the attack remotely. The vendor was contacted about this disclosure but did not respond.Recommendations
For Nesote Inout Search Engine AI Edition version 1.1, consider restricting access to the
/index.php file or disabling the manipulation of the page argument to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nesote Inout Search Engine Ai Edition