exploitDog

CVE-2023-34796

Опубликовано: 22 июн. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the org_name or domain values.

Ссылки

https://github.com/techsneeze/dmarcts-report-viewer/pull/88
Vendor Advisory
https://xmit.xyz/security/dmarcd-for-death/
Exploit
Technical Description
Third Party Advisory
https://github.com/techsneeze/dmarcts-report-viewer/pull/88
Vendor Advisory
https://xmit.xyz/security/dmarcd-for-death/
Exploit
Technical Description
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:techsneeze:dmarc_report:1.1:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00858

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-672p-gf4j-x5jc

CVSS3: 6.1

github

больше 2 лет назад

Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the org_name or domain values.

EPSS

Процентиль: 75%

0.00858

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79