CVE-2023-1278

Summary

A vulnerability, which was classified as problematic, has been found in IBOS up to 4.5.5. Affected by this issue is some unknown functionality of the file mobil/index.php. The manipulation of the argument accesstoken leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-222608.

Affected Software

VendorProductVersion RangeStatus
n/aIBOS4.5.0affected
n/aIBOS4.5.1affected
n/aIBOS4.5.2affected
n/aIBOS4.5.3affected
n/aIBOS4.5.4affected
n/aIBOS4.5.5affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References