Lucene search
PRIOn knowledge basePRION:CVE-2023-34360HistoryJul 31, 2023 - 6:15 a.m.
Cross site scripting
2023-07-3106:15:00
PRIOn knowledge base
www.prio-n.com
4
stored cross-site scripting
asus rt-ax88u
firmware 3.0.0.4.388.23110
remote attacker
regular user privilege
image upload
0.001 Low
EPSS
Percentile
20.8%
A stored cross-site scripting (XSS) issue was discovered within the Custom User Icons functionality of ASUS RT-AX88U running firmware versions 3.0.0.4.388.23110 and prior. After a remote attacker logging in device with regular user privilege, the remote attacker can perform a Stored Cross-site Scripting (XSS) attack by uploading image which containing JavaScript code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rt-ax88u_firmware | le | 3.0.0.4.388.23110 |
Related
cvelist
cvelist
CVE-2023-34360 ASUS RT-AX88U - Stored XSS
2023-07-31 05:32:14
cve
cve
CVE-2023-34360
2023-07-31 06:15:09
cnvd
cnvd
ASUS RT-AX88U Cross-Site Scripting Vulnerability (CNVD-2023-63441)
2023-08-03 00:00:00
nvd
nvd
CVE-2023-34360
2023-07-31 06:15:09