Описание
A stored cross-site scripting (XSS) vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment (PVE) 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view the affected configuration page. This can lead to arbitrary JavaScript execution.
Ссылки
- Vendor AdvisoryIssue Tracking
- ExploitThird Party Advisory
- Broken Link
- ExploitThird Party Advisory
Уязвимые конфигурации
EPSS
5.4 Medium
CVSS3
Дефекты
Связанные уязвимости
A stored cross-site scripting (XSS) vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment (PVE) 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view the affected configuration page. This can lead to arbitrary JavaScript execution.
EPSS
5.4 Medium
CVSS3