CVE-2023-3196

Опубликовано: 03 окт. 2023

Источник: nvd

CVSS3: 4.7

CVSS3: 4.8

EPSS Низкий

Описание

This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel.

Ссылки

https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/config.js?ref_type=heads#L38
https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/helpers/html.js?ref_type=heads
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis
Third Party Advisory
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:capensis:canopsis:23.04:alpha3:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.0005

Низкий

4.7 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-66jg-m4hw-q8f2

CVSS3: 4.7

github

больше 2 лет назад

This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel.

EPSS

Процентиль: 16%

0.0005

Низкий

4.7 Medium

CVSS3

4.8 Medium

CVSS3

Дефекты

CWE-79