Lucene search
MitreCVE-2023-39678HistoryAug 29, 2023 - 8:15 p.m.
CVE-2023-39678
2023-08-2920:15:10
CWE-79
mitre
web.nvd.nist.gov
16
cve-2023-39678
cross-site scripting
xss
vulnerability
bdcom olt
p3310d-2ac
10.1.0f
build 69083
log query page
web interface
nvd
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.2%
A cross-site scripting (XSS) vulnerability in the device web interface (Log Query page) of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter.
Affected configurations
Node
bdcomp3310d-2ac_firmwareMatch10.1.0fbuild_69083
bdcomp3310d-2acMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| bdcom | p3310d-2ac_firmware | 10.1.0f | cpe:2.3:o:bdcom:p3310d-2ac_firmware:10.1.0f:build_69083:*:*:*:*:*:* |
| bdcom | p3310d-2ac | - | cpe:2.3:h:bdcom:p3310d-2ac:-:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2023-39678
2023-08-29 20:15:10
prion
prion
Cross site scripting
2023-08-29 20:15:00
cvelist
cvelist
CVE-2023-39678
2023-08-29 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
30.2%
Related for CVE-2023-39678