Lucene search
+L

160 matches found

NVD
NVD
added 2024/03/06 11:15 a.m.11 views

CVE-2024-2211

Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu...

6.1CVSS4.4AI score0.00292EPSS
Exploits0References1
Prion
Prion
added 2024/03/06 11:15 a.m.16 views

Cross site scripting

Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu...

4.9CVSS6.2AI score0.00292EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/06 10:47 a.m.13 views

CVE-2024-2211 Cross-Site Scripting vulnerability in Gophish Admin Panel

Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu...

4.6CVSS6AI score0.00292EPSS
Exploits0References1
CVE
CVE
added 2024/03/06 10:47 a.m.70 views

CVE-2024-2211

Cross-Site Scripting stored vulnerability in Gophish Admin Panel (version 0.12.1) allows storing a malicious JavaScript payload in the campaign menu and triggering it when the campaign is removed from the menu. Affected: Gophish; root cause: stored XSS in the campaign menu; impact: potential for ...

6.1CVSS4.4AI score0.00292EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/06 10:47 a.m.18 views

CVE-2024-2211 Cross-Site Scripting vulnerability in Gophish Admin Panel

Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu...

4.6CVSS4.7AI score0.00292EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:47 a.m.6 views

CVE-2024-2211 Cross-Site Scripting vulnerability in Gophish Admin Panel

Cross-Site Scripting stored vulnerability in Gophish affecting version 0.12.1. This vulnerability could allow an attacker to store a malicious JavaScript payload in the campaign menu and trigger the payload when the campaign is removed from the menu...

4.6CVSS6AI score0.00292EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/06 12:0 a.m.2 views

Gophish Cross-Site Scripting Vulnerability

Gophish is an open source phishing framework. A cross-site scripting vulnerability exists in Gophish version 0.12.1, which stems from the presence of a stored cross-site scripting XSS vulnerability...

6.1CVSS5.8AI score0.00292EPSS
Exploits0References2
Veracode
Veracode
added 2023/04/05 7:44 a.m.27 views

Denial Of Services (DoS)

github.com/gophish/gophish is vulnerable to Denial Of Services DoS. An attacker can cause an application crash through a crafted payload involving autofocus...

7.5CVSS7.1AI score0.01036EPSS
Exploits1References4Affected Software1
Veracode
Veracode
added 2023/03/31 4:51 a.m.21 views

Cross-Site Scripting (XSS)

github.com/gophish/gophish is vulnerable to Cross-Site Scripting XSS attacks. The library does not properly escape the user input before it output to the front end, allowing an attacker to inject and execute malicious JavaScript on victim's browser via a crafted landing page...

6.1CVSS5.7AI score0.00595EPSS
Exploits1References3Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/22 9:30 p.m.34 views

Gophish vulnerable to Cross-site Scripting via crafted landing page

Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...

6.1CVSS5.6AI score0.00595EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/22 9:30 p.m.39 views

Gophish vulnerable to Denial of Service via crafted payload involving autofocus

Gophish through 0.12.1 allows attackers to cause a Denial of Service DoS via a crafted payload involving autofocus...

7.5CVSS7AI score0.01036EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2023/03/22 9:30 p.m.41 views

GHSA-8GG8-WR4J-V2WR Gophish vulnerable to Denial of Service via crafted payload involving autofocus

Gophish through 0.12.1 allows attackers to cause a Denial of Service DoS via a crafted payload involving autofocus...

7.5CVSS7.2AI score0.01036EPSS
Exploits1References4
OSV
OSV
added 2023/03/22 9:30 p.m.34 views

GHSA-55M9-HM92-XM8J Gophish vulnerable to Cross-site Scripting via crafted landing page

Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...

6.1CVSS5.9AI score0.00595EPSS
Exploits1References4
NVD
NVD
added 2023/03/22 9:15 p.m.22 views

CVE-2022-45004

Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...

6.1CVSS6AI score0.00595EPSS
Exploits1References2
NVD
NVD
added 2023/03/22 9:15 p.m.25 views

CVE-2022-45003

Gophish through 0.12.1 allows attackers to cause a Denial of Service DoS via a crafted payload involving autofocus...

7.5CVSS7.3AI score0.01036EPSS
Exploits1References2
Prion
Prion
added 2023/03/22 9:15 p.m.24 views

Design/Logic Flaw

Gophish through 0.12.1 allows attackers to cause a Denial of Service DoS via a crafted payload involving autofocus...

5CVSS7.3AI score0.01036EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2023/03/22 9:15 p.m.19 views

Cross site scripting

Gophish through 0.12.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted landing page...

5.8CVSS5.9AI score0.00595EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.5 views

Gophish 跨站脚本漏洞

Gophish is an open source phishing framework. A security vulnerability exists in Gophish version 0.12.1, which stems from the login page containing a cross-site scripting vulnerability...

6.1CVSS5.8AI score0.00595EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/22 12:0 a.m.5 views

Gophish 安全漏洞

Gophish is an open source phishing framework. A security vulnerability exists in Gophish version 0.12.1, which can be exploited by an attacker to cause a denial of service DoS via a crafted payload...

7.5CVSS7.3AI score0.01036EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/03/22 12:0 a.m.7 views

CVE-2022-45003

Gophish through 0.12.1 allows attackers to cause a Denial of Service DoS via a crafted payload involving autofocus...

7.3AI score0.01036EPSS
Exploits1References2
Rows per page
Query Builder