CVE-2023-51436

EUVD-2023-56157
Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.8, which may allow a remote authenticated attacker with an administrative privilege to execute an arbitrary script on the web browser of the user who is using the product.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
japan_system_techniquesuniversal_passport_rx
1.0.0 ≤
𝑥
≤ 1.0.8
ADP
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN43215077/
https://www.jast-gakuen.com/products/unipa/
https://jvn.jp/en/jp/JVN43215077/
https://www.jast-gakuen.com/products/unipa/