CVE-2023-51946

Опубликовано: 19 янв. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML.

Ссылки

http://actidata.com
Product
https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md
Exploit
Third Party Advisory
https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx
Product
http://actidata.com
Product
https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md
Exploit
Third Party Advisory
https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:*

cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:*

EPSS

Процентиль: 31%

0.00116

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-hv3m-r794-pg43