Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-6333

Опубликовано: 07 дек. 2023
Источник: nvd
CVSS3: 7.5
CVSS3: 5.4
EPSS Низкий

Описание

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:controlbyweb:x-332-24i_firmware:1.06:*:*:*:*:*:*:*
cpe:2.3:h:controlbyweb:x-332-24i:-:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:o:controlbyweb:x-301-i_firmware:1.15:*:*:*:*:*:*:*
cpe:2.3:h:controlbyweb:x-301-i:-:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:o:controlbyweb:x-301-24i_firmware:1.15:*:*:*:*:*:*:*
cpe:2.3:h:controlbyweb:x-301-24i:-:*:*:*:*:*:*:*

EPSS

Процентиль: 8%
0.00029
Низкий

7.5 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79
CWE-79

Связанные уязвимости

github логотип

GHSA-4c8p-2m43-22fp

CVSS3: 7.5
github
около 2 лет назад

The affected ControlByWeb Relay products are vulnerable to a stored cross-site scripting vulnerability, which could allow an attacker to inject arbitrary scripts into the endpoint of a web interface that could run malicious javascript code during a user's session.

EPSS

Процентиль: 8%
0.00029
Низкий

7.5 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79
CWE-79