Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestion detail

Untriaged

Permalink CVE-2023-25041

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

created 1 year, 3 months ago

WordPress Monolit Theme <= 2.0.6 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Cththemes Monolit theme <= 2.0.6 versions.

References

https://patchstack.com/database/vulnerability/monolit/wordpress-monolit-theme-t… x_transferredvdb-entry

Affected products

monolit

=<2.0.6

Matching in nixpkgs

pkgs.monolith

Bundle any web page into a single HTML file

nixos-unstable 2.8.3
- nixpkgs-unstable 2.8.3
- nixos-unstable-small 2.8.3

Package maintainers

@Br1ght0ne Oleksii Filonenko <brightone@protonmail.com>