CVE-2023-47513

{"id": "CVE-2023-47513", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "audit@patchstack.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2024-06-04T10:15:11.250", "references": [{"url": "https://patchstack.com/database/vulnerability/ari-stream-quiz/wordpress-ari-stream-quiz-wordpress-quizzes-builder-plugin-1-2-32-content-injection-vulnerability?_s_id=cve", "source": "audit@patchstack.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "audit@patchstack.com", "description": [{"lang": "en", "value": "CWE-80"}]}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in ARI Soft ARI Stream Quiz allows Code Injection.This issue affects ARI Stream Quiz: from n/a through 1.3.2."}, {"lang": "es", "value": "Neutralizaci\u00f3n inadecuada de etiquetas HTML relacionadas con secuencias de comandos en una vulnerabilidad de p\u00e1gina web (XSS b\u00e1sico) en ARI Soft ARI Stream Quiz permite la inyecci\u00f3n de c\u00f3digo. Este problema afecta a ARI Stream Quiz: desde n/a hasta 1.3.2."}], "lastModified": "2024-06-04T16:57:41.053", "sourceIdentifier": "audit@patchstack.com"}