Unrated severityNVD Advisory· Published Jun 22, 2023· Updated Dec 6, 2024

CVE-2023-33387

Description

A reflected cross-site scripting (XSS) vulnerability in DATEV eG Personal-Management System Comfort/Comfort Plus v15.1.0 to v16.1.1 P4 allows attackers to steal targeted users' login data by sending a crafted link.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

DATEV eG/Personal-Management System Comfort/Comfort Plusdescription
Datev/Personal-Management System Comfort/Comfort Plusllm-create
Range: 15.1.0 - 16.1.1 P4

Patches

Vulnerability mechanics

References

apps.datev.de/help-center/documents/1021479mitre
support.veda.net/datev.phpmitre
www.tuv.com/landingpage/de/schwachstelle/mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000