Description
A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled entries in the "/pmcadmin/configure.php" parameter.
Published: 2023-11-30
Score: 6.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-3010 A critical flaw has been identified in elijaa/phpmemcachedadmin affecting version 1.3.0, specifically related to a stored XSS vulnerability. This vulnerability allows malicious actors to insert a carefully crafted JavaScript payload. The issue arises from improper encoding of user-controlled entries in the "/pmcadmin/configure.php" parameter.
Github GHSA Github GHSA GHSA-pr4w-m4rp-gp87 PHPMemcachedAdmin vulnerable to cross-site scripting (XSS) via improper encoding
History

No history.

Subscriptions

Elijaa Phpmemcachedadmin
cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published:

Updated: 2024-08-02T08:21:17.157Z

Reserved: 2023-11-08T09:59:43.079Z

Link: CVE-2023-6027

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-11-30T14:15:14.497

Modified: 2024-11-21T08:43:00.373

Link: CVE-2023-6027

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses