Lucene search
Andreas FinstadEDB-ID:51264HistoryApr 05, 2023 - 12:00 a.m.
Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
2023-04-0500:00:00
Andreas Finstad
www.exploit-db.com
52
provide server v.14.4
cross site scripting
csrf
remote code execution
windows server 2022
cve-2023-23286
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
46.5%
# Exploit Title: Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
# Date: 2023-02-10
# Exploit Author: Andreas Finstad
# Version: < 14.4.1.29
# Tested on: Windows Server 2022
# CVE : CVE-2023-23286
POC:
https://f20.be/blog/provide-server-14-4Related
cve
cve
CVE-2023-23286
2023-02-10 03:15:11
prion
prion
Cross site scripting
2023-02-10 03:15:00
packetstorm
packetstorm
Provide Server 14.4 XSS / Cross Site Request Forgery / Code Execution
2023-04-06 00:00:00
nvd
nvd
CVE-2023-23286
2023-02-10 03:15:11
cvelist
cvelist
CVE-2023-23286
2023-02-10 00:00:00
zdt
zdt
Provide Server v.14.4 XSS - CSRF & Remote Code Execution Vulnerabilities
2023-04-05 00:00:00
6.1 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
46.5%
Related for EDB-ID:51264