Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

🗓️ 05 Dec 2023 00:00:00Reported by https://gitlab.com/gitlab-org/security-products/gemnasium-dbType

Improper Neutralization of Input During Web Page Generation in Ajax.NET Professiona

Reporter	Title	Published	Views	Family All 9
OSV	Ajax Pro Cross-site Scripting	5 Dec 202300:06	–	osv
OSV	CVE-2023-49289	5 Dec 202300:15	–	osv
NVD	CVE-2023-49289	5 Dec 202300:15	–	nvd
Cvelist	CVE-2023-49289 Cross-site Scripting in Ajax.NET Professional	4 Dec 202323:53	–	cvelist
Vulnrichment	CVE-2023-49289 Cross-site Scripting in Ajax.NET Professional	4 Dec 202323:53	–	vulnrichment
CVE	CVE-2023-49289	5 Dec 202300:15	–	cve
Github Security Blog	Ajax Pro Cross-site Scripting	5 Dec 202300:06	–	github
Prion	Cross site scripting	5 Dec 202300:15	–	prion
Veracode	Cross-Site Scripting(XSS)	5 Dec 202307:52	–	veracode

Vulners

Node

nuget ajaxnetprofessionalRange<21.12.22.1

Source	Link
github	www.github.com/michaelschwarz/Ajax.NET-Professional/security/advisories/GHSA-8v6j-gc74-fmpp
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-49289
github	www.github.com/michaelschwarz/Ajax.NET-Professional/commit/c89e39b9679fcb8ab6644fe21cc7e652cb615e2b
nuget	www.nuget.org/packages/AjaxNetProfessional/
github	www.github.com/advisories/GHSA-8v6j-gc74-fmpp

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

05 Dec 2023 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS35.4 - 6.3

EPSS0.001

SSVC