Lucene search
MitreCVELIST:CVE-2023-41642HistoryAug 31, 2023 - 12:00 a.m.
CVE-2023-41642
2023-08-3100:00:00
mitre
www.cve.org
4
cross-site scripting
reflected xss
errorenongestito.aspx
grupposcai realgimm
viewstate parameter
EPSS
0.001
Percentile
41.9%
Multiple reflected cross-site scripting (XSS) vulnerabilities in the ErroreNonGestito.aspx component of GruppoSCAI RealGimm 1.1.37p38 allow attackers to execute arbitrary Javascript in the context of a victim userβs browser via a crafted payload injected into the VIEWSTATE parameter.
References
github.com/CapgeminiCisRedTeam/Disclosure/blob/f7aafa9fcd4efa30071c7f77d3e9e6b14e92302b/CVE%20PoC/CVE-2023-41642%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md
github.com/CapgeminiCisRedTeam/Disclosure/blob/main/CVE%20PoC/CVE-ID%20%7C%20RealGimm%20%20-%20Reflected%20Cross-site%20Scripting.md
Related
nvd
nvd
CVE-2023-41642
2023-08-31 14:15:09
prion
prion
Cross site scripting
2023-08-31 14:15:00
cve
cve
CVE-2023-41642
2023-08-31 14:15:09
nuclei
nuclei
RealGimm by GruppoSCAI v1.1.37p38 - Cross-Site Scripting
2023-10-09 09:16:15