exploitDog

CVE-2023-33731

Опубликовано: 02 июн. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly.

Ссылки

https://github.com/sahiloj/CVE-2023-33731/blob/main/CVE-2023-33731.md
Exploit
Third Party Advisory
https://owasp.org/www-community/attacks/xss/
Not Applicable
https://github.com/sahiloj/CVE-2023-33731/blob/main/CVE-2023-33731.md
Exploit
Third Party Advisory
https://owasp.org/www-community/attacks/xss/
Not Applicable

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00361

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-2jv8-77qv-pf96

CVSS3: 6.1

github

больше 2 лет назад

Reflected Cross Site Scripting (XSS) in the view dashboard detail feature in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the URL directly.

EPSS

Процентиль: 58%

0.00361

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79