CVE-2023-38501
high-risk
Published 2023-07-25
copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter `?k304=...` and `?setck=...`. The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one's copyparty accounts, unless one have inspected one's logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue.
Do I need to act?
!
78.6% chance of exploitation in next 30 days
EPSS score — higher than 21% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.3/10
Medium
NETWORK
/ LOW complexity
Affected Products (1)
Affected Vendors
References (6)
Third Party Advisory
http://packetstormsecurity.com/files/173821/Copyparty-1.8.6-Cross-Site-Scripting...
Third Party Advisory
http://packetstormsecurity.com/files/173821/Copyparty-1.8.6-Cross-Site-Scripting...
55
/ 100
high-risk
Severity
23/34 · High
Exploitability
27/34 · High
Exposure
5/34 · Minimal