Podatność CVE-2023-32193


Publikacja: 2024-10-16

Opis:
A vulnerability has been identified in which unauthenticated cross-site
scripting (XSS) in Norman's public API endpoint can be exploited. This
can lead to an attacker exploiting the vulnerability to trigger
JavaScript code and execute commands remotely.

Typ:

CWE-80

(Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS))

 Referencje:
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32193
https://github.com/rancher/norman/security/advisories/GHSA-r8f4-hv23-6qp6

Copyright 2024, cxsecurity.com

 

Back to Top