CVE-2023-28083 Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6 (iLO 6), Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4).

🗓️ 20 Mar 2023 12:34:16Reported by hpeType

Potential Cross-Site scripting vulnerability in HPE Integrated Lights-Out 6, 5, and

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2023-28083	26 Feb 202519:24	–	circl
CNNVD	Hewlett Packard Enterprise Integrated Lights-Out 跨站脚本漏洞	22 Mar 202300:00	–	cnnvd
CVE	CVE-2023-28083	20 Mar 202312:34	–	cve
EUVD	EUVD-2023-31808	3 Oct 202520:07	–	euvd
NCSC	Vulnerability fixed in HP Integrated Lights Out (ILO)	16 Mar 202300:00	–	ncsc
NVD	CVE-2023-28083	22 Mar 202306:15	–	nvd
OSV	CVE-2023-28083	22 Mar 202306:15	–	osv
Prion	Cross site scripting	22 Mar 202306:15	–	prion
RedhatCVE	CVE-2023-28083	23 May 202503:34	–	redhatcve
Tenable Nessus	HP Integrated Lights-Out Improper Neutralization of Input During Web Page Generation (CVE-2023-28083)	13 Nov 202500:00	–	nessus

[
  {
    "defaultStatus": "affected",
    "product": "Integrated Lights-Out",
    "vendor": "HPE",
    "versions": [
      {
        "lessThan": "1.20",
        "status": "affected",
        "version": "Integrated Lights-Out 6 (iLO 6)",
        "versionType": "1.20"
      },
      {
        "lessThan": "2.78",
        "status": "affected",
        "version": "Integrated Lights-Out 5 (iLO 5) ",
        "versionType": "2.78"
      },
      {
        "lessThan": "2.82",
        "status": "affected",
        "version": "Integrated Lights-Out 4 (iLO 4)",
        "versionType": "2.82"
      }
    ]
  }
]

Source	Link
support	www.support.hpe.com/hpesc/public/docDisplay

22 Mar 2023 04:39Current

8.2High risk

Vulners AI Score8.2

CVSS 3.18.3

EPSS0.00445

CWE-79