Medium severity6.1NVD Advisory· Published Jul 3, 2023· Updated Jun 17, 2026
CVE-2023-36816
CVE-2023-36816
Description
2FA is a Web app to manage Two-Factor Authentication (2FA) accounts and generate their security codes. Cross site scripting (XSS) injection can be done via the account/service field. This was tested in docker-compose environment. This vulnerability has been patched in version 4.0.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Bubka/2FAuthv5Range: < 4.0.3
Patches
Vulnerability mechanics
References
2- github.com/Bubka/2FAuth/security/advisories/GHSA-cwhq-2mcq-pp9qnvdExploitVendor Advisory
- github.com/Bubka/2FAuth/releases/tag/v4.0.3nvdRelease Notes
News mentions
0No linked articles in our index yet.