Lucene search
HistoryMay 30, 2023 - 8:15 p.m.
CVE-2023-23956
html code execution
javascript code execution
client browser vulnerability
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
46.9%
A user can supply malicious HTML and JavaScript code that will be executed in the client browser
Affected configurations
Node
broadcomsymantec_siteminder_webagentMatch12.52
| Vendor | Product | Version | CPE |
|---|---|---|---|
| broadcom | symantec_siteminder_webagent | 12.52 | cpe:2.3:a:broadcom:symantec_siteminder_webagent:12.52:*:*:*:*:*:*:* |
Related
prion
prion
Input validation
2023-05-30 20:15:00
exploitdb
exploitdb
Symantec SiteMinder WebAgent v12.52 - Cross-site scripting (XSS)
2023-06-19 00:00:00
cvelist
cvelist
CVE-2023-23956
2023-05-30 00:00:00
cve
cve
CVE-2023-23956
2023-05-30 20:15:10
zdt
zdt
Symantec SiteMinder WebAgent v12.52 - Cross-site scripting Vulnerability
2023-06-19 00:00:00
packetstorm
packetstorm
Symantec SiteMinder WebAgent 12.52 Cross Site Scripting
2023-06-20 00:00:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
46.9%
Related for NVD:CVE-2023-23956