CVE-2023-29836

2023-04-2600:00:00

mitre

www.cve.org

exelysis unified communication solutions

cross site scripting

remote attacker

arbitrary code

username parameter

AI Score

6.6

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solutions (EUCS) v.1.0 allows a remote attacker to execute arbitrary code via the Username parameter of the eucsAdmin login form.

References

github.com/IthacaLabs/Exelysis

github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS.txt