Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Jeff Starr | Dashboard Widgets Suite | unaffected |
|
No data.
No data available yet.
Remediation
Vendor Solution
Update to 3.4.2 or a higher version.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2023-53666 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1. |
References
History
Tue, 28 Apr 2026 18:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1. | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeff Starr Dashboard Widgets Suite allows Stored XSS.This issue affects Dashboard Widgets Suite: from n/a through 3.4.1. |
MITRE
Status: PUBLISHED
Assigner: Patchstack
Published:
Updated: 2026-04-28T16:08:56.672Z
Reserved: 2023-11-30T13:21:40.736Z
Link: CVE-2023-49743
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-14T15:15:09.067
Modified: 2026-04-28T19:22:22.410
Link: CVE-2023-49743
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses