4 matches found
CVE-2023-25827
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...
CVE-2023-25827
creationtimestamp| type| source ---|---|--- 2023-05-03 22:31:08+00:00| seen| https://t.me/cibsecurity/63239...
CVE-2023-25827
CVE-2023-25827 affects OpenTSDB; the root cause is insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, enabling reflected cross-site scripting (XSS) in a targeted user’s browser. Connected sources confirm the issue as a browser‑...
CVE-2023-25827 Cross-site Scripting in OpenTSDB
Due to insufficient validation of parameters reflected in error messages by the legacy HTTP query API and the logging endpoint, it is possible to inject and execute malicious JavaScript within the browser of a targeted OpenTSDB user. This issue shares the same root cause as CVE-2018-13003, a...