exploitDog

CVE-2023-36306

Опубликовано: 08 авг. 2023

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components.

Ссылки

https://www.exploit-db.com/exploits/51643
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/51643
Exploit
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:adiscon:loganalyzer:*:*:*:*:*:*:*:*

Версия до 4.1.13 (включая)

EPSS

Процентиль: 91%

0.06137

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-jrc2-mc36-hv5c

CVSS3: 6.1

github

больше 2 лет назад

A Cross Site Scripting (XSS) vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components.

EPSS

Процентиль: 91%

0.06137

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79