Rite CMS 3.0 has Multiple Cross-Site scripting (XSS) vulnerabilities that allow attackers to execute arbitrary code via a payload crafted in the Home Page fields in the Administration menu.
References
| Link | Resource |
|---|---|
| https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu/blob/main/README.md | Exploit Third Party Advisory |
| https://github.com/sromanhu/RiteCMS-Stored-XSS---Home | Exploit Third Party Advisory |
Configurations
History
20 Oct 2023, 20:58
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/sromanhu/CVE-2023-43878-RiteCMS-Stored-XSS---MainMenu/blob/main/README.md - Exploit, Third Party Advisory |
10 Oct 2023, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
07 Oct 2023, 03:11
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://github.com/sromanhu/RiteCMS-Stored-XSS---Home - Exploit, Third Party Advisory | |
| First Time |
Ritecms
Ritecms ritecms |
|
| CPE | cpe:2.3:a:ritecms:ritecms:3.0:*:*:*:*:*:*:* | |
| CWE | CWE-79 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.8 |
04 Oct 2023, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-04 22:15
Updated : 2023-12-10 15:14
NVD link : CVE-2023-43877
Mitre link : CVE-2023-43877
CVE.ORG link : CVE-2023-43877
JSON object : View
Products Affected
ritecms
- ritecms
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')