Skip to main content

Thirty Bees

2 CVEs product

Monthly

CVE-2023-45957 MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

PHP XSS Thirty Bees
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%
CVE-2023-45958 MEDIUM PATCH This Month

Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP XSS Thirty Bees
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

A stored cross-site scripting (XSS) vulnerability in the component admin/AdminRequestSqlController.php of thirty bees before 1.5.0 allows attackers to execute arbitrary web script or HTML via. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

PHP XSS Thirty Bees
NVD GitHub
EPSS 0% CVSS 6.1
MEDIUM PATCH This Month

Thirty Bees Core v1.4.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the backup_pagination parameter at /controller/AdminController.php. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP XSS Thirty Bees
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy