Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-29437

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Connections Business Directory Plugin <= 10.4.36 is vulnerable to Cross Site Scripting (XSS)

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Steven A. Zahm Connections Business Directory plugin <= 10.4.36 versions.

References

https://patchstack.com/database/vulnerability/connections/wordpress-connections… vdb-entry
https://patchstack.com/database/vulnerability/connections/wordpress-connections… vdb-entry x_transferred
https://patchstack.com/database/vulnerability/connections/wordpress-connections… vdb-entry
https://patchstack.com/database/vulnerability/connections/wordpress-connections… vdb-entry x_transferred

Affected products

connections

=<10.4.36

Matching in nixpkgs

pkgs.gnome-connections

Remote desktop client for the GNOME desktop environment

nixos-unstable -
- nixpkgs-unstable 48.0

pkgs.python312Packages.hyper-connections

Module to make multiple residual streams

nixos-unstable -
- nixpkgs-unstable 0.2.1

pkgs.python313Packages.hyper-connections

Module to make multiple residual streams

nixos-unstable -
- nixpkgs-unstable 0.2.1

pkgs.sbclPackages.asdf-system-connections

None

nixos-unstable -
- nixpkgs-unstable 20170124-git

pkgs.haskellPackages.amazonka-codestar-connections

Amazon CodeStar connections SDK

nixos-unstable -
- nixpkgs-unstable 2.0

pkgs.python312Packages.mypy-boto3-codestar-connections

Type annotations for boto3 codestar-connections

nixos-unstable -
- nixpkgs-unstable boto3-codestar-connections-1.40.18

pkgs.python313Packages.mypy-boto3-codestar-connections