CVE-2023-41588 : A cross-site scripting (XSS) vulnerability in Time to SLA plugin v10.13.5 allows

A cross-site scripting (XSS) vulnerability in Time to SLA plugin v10.13.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the durationFormat parameter.

Published 2023-09-14 20:15:11

Updated 2023-09-15 00:31:21

Source MITRE

View at NVD, CVE.org

Vulnerability category: Cross site scripting (XSS)

Products affected by CVE-2023-41588

We don't have affected product information for this CVE yet

Exploit prediction scoring system (EPSS) score for CVE-2023-41588

EPSS FAQ

0.21%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 42 %

Percentile, the proportion of vulnerabilities that are scored at or less

References for CVE-2023-41588

https://github.com/xsn1210/poc2/blob/main/xss%5BTime%20to%20SLA%5D.md

poc2/xss[Time to SLA].md at main · xsn1210/poc2 · GitHub
https://github.com/xsn1210/poc2

GitHub - xsn1210/poc2

Jump to

Vulnerability Details : CVE-2023-41588

Products affected by CVE-2023-41588

Exploit prediction scoring system (EPSS) score for CVE-2023-41588

References for CVE-2023-41588