{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-28T22:50:38.289","vulnerabilities":[{"cve":{"id":"CVE-2023-4983","sourceIdentifier":"cna@vuldb.com","published":"2023-09-15T14:15:11.320","lastModified":"2026-06-17T06:39:02.250","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was found in app1pro Shopicial up to 20230830. It has been declared as problematic. This vulnerability affects unknown code of the file search. The manipulation of the argument from with the input comments</script>'\"><img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239794 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."},{"lang":"es","value":"Una vulnerabilidad fue encontrada en app1pro Shopicial hasta 20230830. Ha sido declarada problemática. Esta vulnerabilidad afecta a código desconocido de búsqueda de archivos. La manipulación del argumento con los comentarios de entrada'\"&gt; conduce a un Cross-Site Scripting. El ataque se puede iniciar de forma remota. El exploit se ha revelado al público y puede usarse. VDB-239794 es el identificador asignado a esta vulnerabilidad. NOTA: Se contactó primeramente al proveedor sobre esta divulgación, pero no respondió de ninguna manera."}],"affected":[{"source":"cna@vuldb.com","affectedData":[{"vendor":"app1pro","product":"Shopicial","versions":[{"version":"20230830","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","baseScore":6.1,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":2.7}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:N/I:P/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-07-11T19:33:24.303139Z","id":"CVE-2023-4983","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:app1pro:shopicial:*:*:*:*:*:shopify:*:*","versionEndIncluding":"20230830","matchCriteriaId":"8E0E4761-5ED8-4003-AE04-FA21973F7B01"}]}]}],"references":[{"url":"https://vuldb.com/?ctiid.239794","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?id.239794","source":"cna@vuldb.com","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?ctiid.239794","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://vuldb.com/?id.239794","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}