{"id":"CVE-2023-4707","details":"A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.","modified":"2026-03-15T14:48:35.559085Z","published":"2023-09-01T18:15:07.793Z","references":[{"type":"ADVISORY","url":"http://packetstormsecurity.com/files/174444/Clcknshop-1.0.0-Cross-Site-Scripting.html"},{"type":"ADVISORY","url":"https://vuldb.com/?ctiid.238570"},{"type":"ADVISORY","url":"https://vuldb.com/?id.238570"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/masum0009/clcknshop","events":[{"introduced":"0"},{"last_affected":"b6848246059661db6697e14dc5fb4b7fe62dc485"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.0.0"}]}}],"versions":["v1.0.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4707.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}