Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-29457
HistoryJul 13, 2023 - 10:15 a.m.

CVE-2023-29457

2023-07-1310:15:09
Debian Security Bug Tracker
security-tracker.debian.org
6
reflected xss
action form
execution
malicious scripts
web vulnerability
request

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

30.2%

Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim’s browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts.

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

EPSS

0.001

Percentile

30.2%