PatchSiren cyber security CVE debrief
CVE-2023-6011 DECE Software CVE debrief
CVE-2023-6011 is a stored cross-site scripting (XSS) issue in DECE Geodi. The CVE record states that affected versions are Geodi before 8.0.0.27396, and the weakness is classified as CWE-79. Because this is stored XSS, malicious input can be saved and later rendered to other users, creating a client-side injection risk in affected web page generation paths. The CVE was publicly published on 2023-11-22 and later modified on 2026-05-20; those dates reflect record handling, not the underlying vulnerability date.
- Vendor: DECE Software
- Product: Geodi
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2023-11-22
- Original CVE updated: 2026-05-20
- Advisory published: 2023-11-22
- Advisory updated: 2026-05-20
Who should care
Organizations running DECE Geodi versions earlier than 8.0.0.27396 should treat this as relevant, especially teams that manage authenticated web interfaces, user-generated content, or admin portals where stored data is rendered back into browsers. Security teams, application owners, and administrators responsible for web application patching should prioritize review if Geodi is present in the environment.
Technical summary
The NVD record maps CVE-2023-6011 to CWE-79 and describes improper neutralization of input during web page generation that results in stored XSS. The published CVSS vector is CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N: network reachability, low attack complexity, low privileges required, user interaction required, a scope change, low confidentiality and integrity impact, and no availability impact. The affected CPE range is listed as dece:geodi, versions before 8.0.0.27396. Third-party advisories from USOM are linked in the record.
Defensive priority
Medium. The CVSS score is 5.4, but stored XSS can still be operationally significant because it may affect multiple users and administrative sessions once malicious content is rendered. Prioritize patching if Geodi is internet-facing, used by privileged operators, or embedded in workflows with sensitive data.
Recommended defensive actions
- Upgrade DECE Geodi to version 8.0.0.27396 or later.
- Inventory all Geodi instances and confirm installed versions against the affected range.
- Review any user-supplied fields, comments, forms, or admin content that may be stored and later rendered in the browser.
- Apply output encoding and input handling controls where the application processes HTML or script-bearing content.
- Use browser-side and application-side protections such as context-aware escaping and content security controls where feasible.
- Monitor for suspicious content entries and unusual browser-side activity tied to Geodi pages.
- Validate access controls around roles that can create or edit content rendered by other users.
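The rendering and review controls above, as an added example that is not code from the page or from DECE Geodi: a minimal Python model of a stored-content path, showing the CWE-79 concatenation pattern beside context-aware escaping for HTML body, attribute and JavaScript contexts, a restrictive CSP header, and a coarse review-queue check over stored entries. The entries and the header value are constructed for illustration.

```python
import html
import json
import re

# Constructed sample of stored entries (not taken from Geodi); "mallory" holds
# a script-bearing payload saved by a low-privilege user, matching PR:L in the vector.
STORED_ENTRIES = [
    {"author": "alice", "body": "Survey complete for parcel 17"},
    {"author": "mallory", "body": '<img src=x onerror="alert(1)">'},
]

def render_unsafe(entry):
    """CWE-79 pattern: stored text concatenated straight into the page."""
    return f'<div class="comment" data-author="{entry["author"]}">{entry["body"]}</div>'

def render_safe(entry):
    """Context-aware escaping: entity-encode for HTML body and attribute contexts."""
    author = html.escape(entry["author"], quote=True)   # attribute context: quotes matter
    body = html.escape(entry["body"], quote=False)       # element body: < > & suffice
    return f'<div class="comment" data-author="{author}">{body}</div>'

def render_js_literal(entry):
    """JavaScript context: JSON-encode, then escape '<' so '</script>' cannot close the block."""
    return json.dumps(entry["body"]).replace("<", "\\u003c")

# Response header that limits what injected markup can execute if escaping is ever missed.
CSP_HEADER = ("Content-Security-Policy: default-src 'self'; script-src 'self'; "
              "object-src 'none'; base-uri 'none'")

# Coarse review-queue check over stored content: tags, inline event handlers, javascript: URLs.
ACTIVE_MARKUP = re.compile(r"<\s*[a-z!/]|\bon[a-z]+\s*=|javascript\s*:", re.IGNORECASE)

def contains_active_markup(text):
    return ACTIVE_MARKUP.search(text) is not None

def flag_entries(entries):
    """Return authors whose stored entries carry script-bearing content, for review."""
    return [e["author"] for e in entries if contains_active_markup(e["body"])]

if __name__ == "__main__":
    for entry in STORED_ENTRIES:
        print("unsafe:", render_unsafe(entry))
        print("safe:  ", render_safe(entry))
    print("flagged for review:", flag_entries(STORED_ENTRIES))
```

The regex is a triage aid for the monitoring action, not a sanitizer; output encoding at render time remains the control that closes the CWE-79 path.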
Evidence notes
All technical claims in this debrief are limited to the supplied CVE record and its referenced official/third-party links. The record identifies the issue as stored XSS (CWE-79), affects Geodi before 8.0.0.27396, and includes the CVSS vector CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. The CVE publication date used for timing context is 2023-11-22T09:15:07.927Z. The later 2026-05-20 modification timestamp is a record-update date, not the vulnerability creation date.
Official resources
- CVE-2023-6011 CVE record (CVE.org)
- CVE-2023-6011 NVD detail (NVD)
- Source item: nvd_modified
- Mitigation or vendor reference: Third Party Advisory
Publicly disclosed in the CVE record on 2023-11-22. The NVD record was later modified on 2026-05-20.