CVE-2023-2853

MEDIUM

6.1

CVSS Severity Score

EPSS Score0.0190%

EPSS Percentile17.12th

PublishedJul 10, 2023

Last ModifiedMay 22, 2026

Vulnerability Description

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Softmed SelfPatron allows Reflected XSS. This issue affects SelfPatron : before 2.0.

Affected Platforms (CPE)

📦

Softmedyazilim

Selfpatron

< 2.0

References & Advisories

🔗 https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-23-0388

🔗 https://www.usom.gov.tr/bildirim/tr-23-0388

Related Vulnerabilities

CVE-2023-28529.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQ...

CVE-2023-20649.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Minova Technology eTrace all...

CVE-2023-343629.8

MOVEit Transfer SQL Injection vulnerability allows unauthenticated attackers to gain unauthorized access to MOVEit Transfer's data...

CVE-2023-27139.8

Authorization Bypass Through User-Controlled Key vulnerability in "Rental Module" developed by third-party for Ideasoft's E-comme...