Lucene search
ApacheCVELIST:CVE-2023-38435HistoryJul 25, 2023 - 3:40 p.m.
CVE-2023-38435 Apache Felix Healthcheck Webconsole Plugin: XSS in healthcheck webconsole plugin
2023-07-2515:40:05
CWE-79
apache
www.cve.org
apache
felix
healthcheck
webconsole
plugin
xss
vulnerability
cwe-79
upgrade
0.006 Low
EPSS
Percentile
77.9%
An improper neutralization of input during web page generation (‘Cross-site Scripting’) [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting (XSS) attack.
Upgrade to Apache Felix Healthcheck Webconsole Plugin 2.1.0 or higher.
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Apache Felix Healthcheck Webconsole Plugin",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "2.0.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
]Related
cve
cve
CVE-2023-38435
2023-07-25 16:15:11
veracode
veracode
Cross-Site Scripting (XSS)
2023-07-26 10:47:47
nvd
nvd
CVE-2023-38435
2023-07-25 16:15:11
prion
prion
Cross site scripting
2023-07-25 16:15:00
osv
osv
Cross-site Scripting in healthcheck webconsole plugin
2023-07-25 18:30:32
github
github
Cross-site Scripting in healthcheck webconsole plugin
2023-07-25 18:30:32