漏洞信息摘要 Vulnerability ID: VDB-243133, CVE-2023-5695, GCVE-100-243133 Affected Product: CodeAstro Internet Banking System 1.0 Vulnerability Type: Cross Site Scripting (XSS) CVSS Meta Temp Score: 4.3 Current Exploit Price: $0-$5k CTI Interest Score: 0.00 Summary A problematic vulnerability has been detected in CodeAstro Internet Banking System 1.0. Affected by this vulnerability is an unknown functionality of the file . Manipulation of the argument with the input value causes cross-site scripting. This vulnerability appears as CVE-2023-5695. The attack may be initiated remotely, and an exploit is available. Details Vulnerability Source: file in CodeAstro Internet Banking System 1.0 CWE Definition: CWE-79 (Improper Neutralization of Input During Web Page Generation) Impact: Affects integrity; it doesn't neutralize or incorrectly neutralizes user-controllable input before placing it in output that is used as a web page served to other users. Public Exploit Availability: Yes, known Disclosure Date: 10/22/2023 Source of Advisory: github.com ATT&CK Technique: T1059.007