CVE-2023-29837

Опубликовано: 17 мая 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution (EUCS) v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page.

Ссылки

https://github.com/IthacaLabs/Exelysis
Product
https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS_CVE-2023-29836_CVE-2023-29837.txt
Third Party Advisory
https://github.com/IthacaLabs/Exelysis
Product
https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS_CVE-2023-29836_CVE-2023-29837.txt
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:exelysis:exelysis_unified_communications_solution:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00095

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-8pm5-rr7v-8795