What is CVE-2023-30256?

CVE-2023-30256 is a vulnerability in N/a. Published 2023-05-11.

Is CVE-2023-30256 known to be exploited?

5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-30256

Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.

EPSS: 0.781 (99.0th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ahrixia/CVE-2023-30256
ARPSyndicate/cve-scores
ahrixia/ahrixia
nomi-sec/PoC-in-GitHub
zhanpengliu-tencent/medium-cve

References

qloapps.com/
github.com/webkul/hotelcommerce
github.com/ahrixia/CVE-2023-30256
packetstormsecurity.com/files/172542/Webkul-Qloapps-1.5.2-Cross-Site-Scripting…

Frequently asked questions

What is CVE-2023-30256?: CVE-2023-30256 is a vulnerability in N/a. Published 2023-05-11.
Is CVE-2023-30256 known to be exploited?: 5 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.