exploitDog

CVE-2023-23949

Опубликовано: 26 янв. 2023

Источник: nvd

CVSS3: 5.4

CVSS3: 8.1

EPSS Низкий

Описание

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

Ссылки

https://support.broadcom.com/external/content/SecurityAdvisories/0/21174
Vendor Advisory
https://support.broadcom.com/external/content/SecurityAdvisories/0/21174
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.3:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4.1:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_governance_and_administration:14.4.2:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_manager:14.3:*:*:*:*:*:*:*

cpe:2.3:a:broadcom:symantec_identity_manager:14.4:*:*:*:*:*:*:*

EPSS

Процентиль: 67%

0.00532

Низкий

5.4 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-79

CWE-779

Связанные уязвимости

GHSA-vv3x-748q-qw26

CVSS3: 5.4

github

около 3 лет назад

An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser.

EPSS

Процентиль: 67%

0.00532

Низкий

5.4 Medium

CVSS3

8.1 High

CVSS3

Дефекты

CWE-79

CWE-779