Vulnerabilities > CVE-2023-23707 - Unspecified vulnerability in Awsm Embed ANY Document

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

awsm

NVD

Published: 2023-03-23

Updated: 2024-11-21

Summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'), Unrestricted Upload of File with Dangerous Type vulnerability in Awsm Innovations Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files allows Stored XSS via upload of SVG and HTML files. This issue affects Embed Any Document – Embed PDF, Word, PowerPoint and Excel Files plugin <= 2.7.1 versions.

Vulnerable Configurations

Part	Description	Count
Application	Awsm Awsm Embed ANY Document - Awsm Embed ANY Document 1.0.1 Awsm Embed ANY Document 1.0.2 Awsm Embed ANY Document 1.1 Awsm Embed ANY Document 1.1.1 Awsm Embed ANY Document 2.0 Awsm Embed ANY Document 2.1 Awsm Embed ANY Document 2.2 Awsm Embed ANY Document 2.2.1 Awsm Embed ANY Document 2.2.2 Awsm Embed ANY Document 2.2.3 Awsm Embed ANY Document 2.2.4 Awsm Embed ANY Document 2.2.5 Awsm Embed ANY Document 2.3 Awsm Embed ANY Document 2.3.1 Awsm Embed ANY Document 2.3.2 Awsm Embed ANY Document 2.4 Awsm Embed ANY Document 2.4.1 Awsm Embed ANY Document 2.5.0 Awsm Embed ANY Document 2.6.0 Awsm Embed ANY Document 2.6.1 Awsm Embed ANY Document 2.7.0 Awsm Embed ANY Document 2.7.1	23

Summary

Vulnerable Configurations

References