Lucene search
GitHub Advisory DatabaseGHSA-5CV4-48H7-7782HistoryAug 17, 2023 - 6:30 a.m.
Cockpit Cross-site Scripting vulnerability
2023-08-1706:30:13
CWE-79
GitHub Advisory Database
github.com
13
cross-site scripting
github
cockpit
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
14.2%
Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit 2.6.3 and prior. A patch is available at commit 36d1d4d256cbbab028342ba10cc493e5c119172c and anticipated to be part of version 2.6.4.
Affected configurations
Node
cockpit-hqcockpitRange≤2.6.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| cockpit-hq/cockpit | le | 2.6.3 |
Related
prion
prion
Cross site scripting
2023-08-17 04:15:00
cve
cve
CVE-2023-4395
2023-08-17 04:15:10
osv
osv
Cockpit Cross-site Scripting vulnerability
2023-08-17 06:30:13
CVE-2023-4395
2023-08-17 04:15:10
huntr
huntr
File Upload Bypass Leads to Stored XSS
2023-08-15 02:05:50
nvd
nvd
CVE-2023-4395
2023-08-17 04:15:10
cvelist
cvelist
CVE-2023-4395 Cross-site Scripting (XSS) - Stored in cockpit-hq/cockpit
2023-08-17 03:52:35
veracode
veracode
Cross-Site Scripting (XSS)
2023-08-18 03:00:51
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.0004 Low
EPSS
Percentile
14.2%
Related for GHSA-5CV4-48H7-7782