CVE-2025-2714
Description
A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /extensions/realestate/index.php/agents/agent-register/addagent. The manipulation of the argument plan_id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Risk Information
Base Score
4.3
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
EPSS Score
Exploitation Probability
0.47
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| runfinch-finch Security Update (ALAS-2025-914) runfinch-finch-1.7.1-1.amzn2023.0.1.x86_64.rpm | Linux |
| containerd Security Update (ALAS-2025-930) containerd-stress-1.7.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| containerd Security Update (ALAS-2025-930) containerd-1.7.27-1.amzn2023.0.2.x86_64.rpm | Linux |
| nerdctl Security Update (ALAS-2025-931) nerdctl-2.0.4-1.amzn2023.0.1.x86_64.rpm | Linux |
| nerdctl Security Update (ALAS-2025-2821) nerdctl-2.0.4-1.amzn2.0.1.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234