Security
Headlines
HeadlinesLatestCVEs

Tag

#xss

CVE-2023-33792: Stored Cross Site Scripting Vulnerability in "Create Site Groups" function in Netbox 3.5.1 · Issue #10 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Site Groups (/dcim/site-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE
Open in Source
#xss#vulnerability#web#auth
CVE-2023-33793: Stored Cross Site Scripting Vulnerability in "Create Power Panels" function in Netbox 3.5.1 · Issue #1 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Power Panels (/dcim/power-panels/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33794: Stored Cross Site Scripting Vulnerability in "Create Tenants" function in Netbox 3.5.1 · Issue #5 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Tenants (/tenancy/tenants/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2022-42225: Multiple XSS

Jumpserver 2.10.0 <= version <= 2.26.0 contains multiple stored XSS vulnerabilities because of improper filtering of user input, which can execute any javascript under admin's permission.

CVE-2023-33788: Stored Cross Site Scripting Vulnerability in "Create Providers" function in Netbox 3.5.1 · Issue #3 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Providers (/circuits/providers/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33787: Stored Cross Site Scripting Vulnerability in "Create Tenant Groups" function in Netbox 3.5.1 · Issue #6 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Tenant Groups (/tenancy/tenant-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33786: Stored Cross Site Scripting Vulnerability in "Create Circuit Types" function in Netbox 3.5.1 · Issue #2 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Circuit Types (/circuits/circuit-types/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33789: Stored Cross Site Scripting Vulnerability in "Create Contact Groups" function in Netbox 3.5.1 · Issue #7 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Contact Groups (/tenancy/contact-groups/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33785: Stored Cross Site Scripting Vulnerability in "Create Rack Roles" function in Netbox 3.5.1 · Issue #8 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Rack Roles (/dcim/rack-roles/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.

CVE-2023-33790: Stored Cross Site Scripting Vulnerability in "Create Locations" function in Netbox 3.5.1 · Issue #9 · anhdq201/netbox

A stored cross-site scripting (XSS) vulnerability in the Create Locations (/dcim/locations/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.