PatchSiren cyber security CVE debrief
CVE-2023-6672 National Keep Cyber Security Services CVE debrief
CVE-2023-6672 describes a stored cross-site scripting (XSS) flaw in Nationalkeep CyberMath. The vulnerability affects CyberMath from v1.4 up to, but not including, v1.5, and the NVD record assigns a CVSS 3.1 score of 5.4 (Medium). From a defensive perspective, this is primarily a web application integrity and session-safety issue: attacker-supplied input can be rendered in a page context and later executed in another user’s browser. The official NVD entry and USOM reference both point to CWE-79 / Cross-site Scripting, with an attack vector that requires network access, low attack complexity, low privileges, and user interaction.
- Vendor: National Keep Cyber Security Services
- Product: CyberMath
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2024-02-02
- Original CVE updated: 2026-05-20
- Advisory published: 2024-02-02
- Advisory updated: 2026-05-20
Who should care
Organizations running Nationalkeep CyberMath, especially instances at version 1.4 or any deployment that may not yet be updated to 1.5. Security teams responsible for web application hardening, input validation, output encoding, and browser-side session protection should prioritize review.
Technical summary
The official sources identify a stored XSS weakness in CyberMath. NVD maps the affected CPE to nationalkeep:cybermath:1.4 and the weakness to CWE-79. The CVSS vector (AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N) indicates remote exploitation with limited privileges but user interaction required, and the scope can change because injected script executes in a browser context separate from the vulnerable application’s trust boundary.
Defensive priority
Moderate priority. The issue is remotely reachable and can affect confidentiality and integrity, but it requires authentication/low privileges and user interaction, and NVD rates it Medium. Prioritize if the product is internet-facing, user-facing, or used by trusted internal staff.
Recommended defensive actions
- Upgrade CyberMath to version 1.5 or later, as indicated by the affected-version range in the source description.
- Review all user-controlled fields for stored XSS risk, including places where content is later displayed to other users.
- Apply context-appropriate output encoding and HTML sanitization before rendering stored content.
- Validate that any rich-text or markup features use an explicit allowlist and that all other content is safely escaped.
- Use defense-in-depth browser controls such as Content Security Policy where practical.
- Re-test the application after updating to confirm the vulnerable 1.4 code path is no longer reachable.
- Check authenticated workflows and administrative views, since stored XSS often impacts privileged users who view submitted content.
Evidence notes
The debrief is grounded in the supplied official sources only. NVD’s modified record lists the vulnerable CPE as cpe:2.3:a:nationalkeep:cybermath:1.4:*:*:*:*:*:*:* and the weakness as CWE-79. The same NVD metadata provides CVSS 3.1 AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N and a Medium 5.4 score. The supplied description states the issue affects CyberMath from v1.4 before v1.5. USOM references corroborate the Cross-site Scripting classification and provide a third-party advisory link.
Official resources
- CVE-2023-6672 CVE record (CVE.org)
- CVE-2023-6672 NVD detail (NVD)
- Source item URL (nvd_modified)
- Source reference
- Mitigation or vendor reference ([email protected] - Third Party Advisory)
CVE-2023-6672 was published on 2024-02-02 and the NVD record was last modified on 2026-05-20. This summary uses those supplied dates for timing context and does not treat later generation or review time as the vulnerability date.