5.4

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-2981

GHSA ID

GHSA-wmfc-g86p-fjvr

EPSS Score

0.23559%

CWE

CWE-80

Published

5/30/2023

Updated

11/15/2023

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-2981

CVE-2023-2981: go package pydio cells vulnerable to cross-site scripting

A vulnerability, which was classified as problematic, has been found in Abstrium Pydio Cells 4.2.0. This issue affects some unknown processing of the component Chat. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.1 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-230213 was assigned to this vulnerability.

(GitHub Advisory)

5.4

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-2981

GHSA ID

GHSA-wmfc-g86p-fjvr

EPSS Score

0.23559%

CWE

CWE-80

Published

5/30/2023

Updated

11/15/2023

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
github.com/pydio/cells	go	< 4.2.1	4.2.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

* vuln*r**ility, w*i** w*s *l*ssi*i** *s pro*l*m*ti*, **s ***n *oun* in **strium Py*io **lls *.*.*. T*is issu* *****ts som* unknown pro**ssin* o* t** *ompon*nt ***t. T** m*nipul*tion l***s to **si* *ross sit* s*riptin*. T** *tt**k m*y ** initi*t** r*

Reasoning

No *n*lysis *v*il**l*

5.4

Basic Information

Concerned about an active attack path?

CVE-2023-2981: go package pydio cells vulnerable to cross-site scripting

5.4

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI