Medium severity6.1NVD Advisory· Published Nov 20, 2023· Updated Jun 17, 2026
CVE-2023-47175
CVE-2023-47175
Description
Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.4M (MySQL version) and LuxCal Web Calendar prior to 5.2.4L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is accessing the product.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <5.2.4M (MySQL), <5.2.4L (SQLite)
<5.2.4M (MySQL), <5.2.4L (SQLite)+ 1 more
- (no CPE)range: <5.2.4M (MySQL), <5.2.4L (SQLite)
- (no CPE)range: prior to 5.2.4L (SQLite version)
Patches
Vulnerability mechanics
References
4- jvn.jp/en/jp/JVN15005948/nvdThird Party Advisory
- www.luxsoft.eunvdProduct
- www.luxsoft.eunvdRelease Notes
- www.luxsoft.eu/lcforum/viewtopic.phpnvdIssue Tracking
News mentions
0No linked articles in our index yet.