CVE-2023-47379
unknown
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
โ
Description
Microweber Cross-site Scripting vulnerability
Predictions
Exploit likelihood
30%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | microweber/microweber | <2.0.3 | 2.0.3 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2023-47379
- https://github.com/microweber/microweber/commit/a481f079d74e82f6094abf15d67e814349d1038a
- https://github.com/microweber/microweber/commit/c6e7ea9d0abd7564a3bb23c14ad172e4ccf27a7e#diff-fac4e7e9eca69c10d074bf8c5eac7f64b018c6b4d91dcad54b340a8560049e00
- https://github.com/microweber/microweber
- https://github.com/microweber/microweber/blob/master/CHANGELOG.md
- https://www.getastra.com/blog/security-audit/stored-xss-vulnerability
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.