{"id":"CVE-2023-30334","details":"AsmBB v2.9.1 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the MiniMag.asm and bbcode.asm libraries.","modified":"2026-04-12T08:16:09.697239Z","published":"2023-05-08T21:15:11.207Z","references":[{"type":"ADVISORY","url":"https://gist.github.com/zeyu2001/1985d03ff919d08a9ea79bdeb5a16949"},{"type":"REPORT","url":"https://board.asm32.info/thanks-to-the-hxp-ctf-challenge-several-serious-vulnerabilities-has-been-fixed.394/"},{"type":"FIX","url":"https://asm32.info/fossil/asmbb/info/7dfa4f56b473f76c"},{"type":"FIX","url":"https://fresh.flatassembler.net/fossil/repo/fresh/info/a3caaf7ad8503348"},{"type":"EVIDENCE","url":"https://ctf.zeyu2001.com/2023/hxp-ctf/true_web_assembly"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/johnfound/asmbb","events":[{"introduced":"0"},{"last_affected":"804978fdee7529064e23ec917d30e0f909035336"}],"database_specific":{"extracted_events":[{"introduced":"0"},{"last_affected":"2.9.1"}],"cpe":"cpe:2.3:a:asmbb_project:asmbb:2.9.1:*:*:*:*:*:*:*","source":"CPE_FIELD"}}],"versions":["release","v1.0","v1.1","v1.2","v1.3","v1.5","v1.6","v1.7","v2.0","v2.1","v2.2","v2.2alpha","v2.3","v2.4","v2.5","v2.6","v2.7","v2.8","v2.9","v2.9.1"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-30334.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}