Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram

thirty bees – Reflected cross-site scripting vulnerability

DATE

06.10.2023

Affected Vendor

thirty bees – an open-source e-commerce platform https://thirtybees.com

Affected Product

thirty bees’s beesblog module

Vulnerable version

up to 1.6.1. 

Fixed version

module version 1.6.2. 

CVSS

8.2 High CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N

Recommendations

Update to version 1.6.2

Vulnerability details

A reflected cross-site scripting vulnerability was discovered in module beesblog. 

CVE

CVE-2023-52264

Credits

Ulaş Deniz İlhan

References

Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.

NEED A CONSULTATION?

Contact Us