Podatność CVE-2023-49488
Publikacja: 2023-12-11   Modyfikacja: 2023-12-14

Opis:
A cross-site scripting (XSS) vulnerability in Openfiler ESA v2.99.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the nic parameter.

Typ:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

Affected software
Openfiler -> Openfiler 

 Referencje:
https://github.com/Hebing123/cve/issues/1
Copyright 2024, cxsecurity.com

 

Back to Top