Lucene search
SymantecCVE-2023-23956HistoryMay 30, 2023 - 8:15 p.m.
CVE-2023-23956
2023-05-3020:15:10
CWE-79
symantec
web.nvd.nist.gov
22
cve-2023-23956
nvd
security
malicious code
html
javascript
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
46.9%
A user can supply malicious HTML and JavaScript code that will be executed in the client browser
Affected configurations
Node
broadcomsymantec_siteminder_webagentMatch12.52
| Vendor | Product | Version | CPE |
|---|---|---|---|
| broadcom | symantec_siteminder_webagent | 12.52 | cpe:2.3:a:broadcom:symantec_siteminder_webagent:12.52:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "Symantec SiteMinder WebAgent",
"versions": [
{
"version": "12.5.2",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2023-23956
2023-05-30 20:15:10
prion
prion
Input validation
2023-05-30 20:15:00
cvelist
cvelist
CVE-2023-23956
2023-05-30 00:00:00
zdt
zdt
Symantec SiteMinder WebAgent v12.52 - Cross-site scripting Vulnerability
2023-06-19 00:00:00
packetstorm
packetstorm
Symantec SiteMinder WebAgent 12.52 Cross Site Scripting
2023-06-20 00:00:00
exploitdb
exploitdb
Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)
2023-06-19 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
46.9%
Related for CVE-2023-23956