{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-23T23:21:11.294","vulnerabilities":[{"cve":{"id":"CVE-2023-3085","sourceIdentifier":"cna@vuldb.com","published":"2023-06-03T11:15:21.443","lastModified":"2024-11-21T08:16:24.700","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability, which was classified as problematic, has been found in X-WRT luci up to 22.10_b202303061504. This issue affects the function run_action of the file modules/luci-base/ucode/dispatcher.uc of the component 404 Error Template Handler. The manipulation of the argument request_path leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 22.10_b202303121313 is able to address this issue. The patch is named 24d7da2416b9ab246825c33c213fe939a89b369c. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-230663."},{"lang":"es","value":"Se ha encontrado una vulnerabilidad, clasificada como problemática, en X-WRT luci hasta la versión 22.10_b202303061504. Este problema afecta a la función \"run_action\" del archivo \"modules/luci-base/ucode/dispatcher.uc\" del componente \"404 Error Template Handler\". La manipulación del argumento \"request_path\" conduce a Cross-Site Scripting. El ataque puede iniciarse de forma remota. La actualización a la versión 22.10_b202303121313 soluciona este problema. El nombre del parche es 24d7da2416b9ab246825c33c213fe939a89b369c. Se recomienda actualizar el componente afectado. El identificador asociado de esta vulnerabilidad es VDB-230663."}],"metrics":{"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N","baseScore":3.5,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.1,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:x-wrt:luci:*:*:*:*:*:*:*:*","versionEndExcluding":"22.10_b202303121313","matchCriteriaId":"09A24A0C-F67C-41C5-AAAB-144C49FB5110"}]}]}],"references":[{"url":"https://github.com/x-wrt/luci/commit/24d7da2416b9ab246825c33c213fe939a89b369c","source":"cna@vuldb.com","tags":["Patch"]},{"url":"https://github.com/x-wrt/luci/releases/tag/22.10_b202303121313","source":"cna@vuldb.com","tags":["Release Notes"]},{"url":"https://vuldb.com/?ctiid.230663","source":"cna@vuldb.com","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://vuldb.com/?id.230663","source":"cna@vuldb.com","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://github.com/x-wrt/luci/commit/24d7da2416b9ab246825c33c213fe939a89b369c","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://github.com/x-wrt/luci/releases/tag/22.10_b202303121313","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes"]},{"url":"https://vuldb.com/?ctiid.230663","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]},{"url":"https://vuldb.com/?id.230663","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Third Party Advisory"]}]}}]}