Lucene search
K

25 matches found

Vulnrichment
Vulnrichment
added 2023/10/19 9:5 p.m.17 views

CVE-2023-45815 Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox

ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...

6.4CVSS6.5AI score0.00422EPSS
Exploits1References2
OSV
OSV
added 2023/10/19 9:5 p.m.35 views

CVE-2023-45815 Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox

ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...

6.4CVSS5.3AI score0.00422EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2023/10/19 4:13 p.m.44 views

Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context

Impact Any users who are using the wget or dom extractors and view the content they output. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to target your ArchiveBox instance. Malicious JS...

6.4CVSS5.4AI score0.00422EPSS
Exploits1References11Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.5 views

PT-2023-29705 · Unknown +1 · Archivebox +1

Name of the Vulnerable Software and Affected Versions: ArchiveBox affected versions not specified Description: The issue affects users of the wget extractor who view the content it outputs. If a user is logged in to the ArchiveBox admin site in the same browser session and views an archived...

7.4CVSS5.4AI score0.00422EPSS
Exploits1References18
CNNVD
CNNVD
added 2023/10/19 12:0 a.m.5 views

ArchiveBox Cross-Site Scripting Vulnerability

ArchiveBox is ArchiveBox Open Source, a powerful self-hosted Internet archiving solution for collecting, saving and viewing websites you want to save offline. ArchiveBox has a security vulnerability that stems from the presence of a cross-site scripting vulnerability...

6.4CVSS6.2AI score0.00422EPSS
Exploits1References3
Rows per page
Query Builder