CVE-2023-31703

Опубликовано: 17 мая 2023

Источник: nvd

CVSS3: 9

EPSS Низкий

Описание

Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.

Ссылки

http://packetstormsecurity.com/files/172540/eScan-Management-Console-14.0.1400.2281-Cross-Site-Scripting.html
Exploit
Third Party Advisory
https://github.com/sahiloj/CVE-2023-31703/blob/main/README.md
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/172540/eScan-Management-Console-14.0.1400.2281-Cross-Site-Scripting.html
Exploit
Third Party Advisory
https://github.com/sahiloj/CVE-2023-31703/blob/main/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*

EPSS

Процентиль: 79%

0.01316

Низкий

9 Critical

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-vq6f-hwm4-jp2v