Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-47663

4.6 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): LOW
Availability impact (A): LOW

created 6 months ago

WordPress Foyer plugin <= 1.7.5 - Content Injection vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in Menno Luitjes Foyer allows Code Injection.This issue affects Foyer: from n/a through 1.7.5.

References

https://patchstack.com/database/vulnerability/foyer/wordpress-foyer-plugin-1-7-… vdb-entry
https://patchstack.com/database/vulnerability/foyer/wordpress-foyer-plugin-1-7-… vdb-entry
https://patchstack.com/database/vulnerability/foyer/wordpress-foyer-plugin-1-7-… x_transferred vdb-entry

Affected products

foyer

=<1.7.5

Matching in nixpkgs

pkgs.python312Packages.ghome-foyer-api

Generated Python protobuf stubs for Google Home internal API

nixos-unstable -
- nixpkgs-unstable 1.2.3

pkgs.python313Packages.ghome-foyer-api