Lucene search
MitreCVELIST:CVE-2023-23313HistoryMar 03, 2023 - 12:00 a.m.
CVE-2023-23313
2023-03-0300:00:00
mitre
www.cve.org
draytek products
cross site scripting
xss
web application management
vigor3910
vigor1000b
vigor2962
vigor2865
vigor2866
vigor2927
vigor2915
vigor2765
vigor2766
vigor2135
vigor2763
vigor2862
vigor2926
vigor2925
vigor2952
vigor3220
vigor2133
vigor2762
vigor2832
0.001 Low
EPSS
Percentile
32.3%
Certain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the routerβs web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.
Related
cve
cve
CVE-2023-23313
2023-03-03 22:15:09
prion
prion
Cross site scripting
2023-03-03 22:15:00
nvd
nvd
CVE-2023-23313
2023-03-03 22:15:09