CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

480 matches found

RedhatCVE•added 2025/05/22 9:17 a.m.•2 views

CVE-2019-25011

NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments...

5.4CVSS6AI score0.00533EPSS

Exploits1References1

RedhatCVE•added 2025/02/10 11:23 p.m.•2 views

CVE-2024-47226

A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...

5.4CVSS5.3AI score0.001EPSS

Exploits1References1

Veracode•added 2024/09/30 6:0 a.m.•3 views

Cross-site Scripting (XSS)

NetBox is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper sanitization in the "Top banner" field within the "Configuration History" feature of the "Admin" panel, allowing an authenticated user to inject arbitrary JavaScript or HTML...

5.4CVSS5.8AI score0.001EPSS

Exploits1References2Affected Software1

NVD•added 2024/09/22 2:15 a.m.•6 views

CVE-2024-47226

5.4CVSS0.001EPSS

Exploits1References2

OSV•added 2024/09/22 2:15 a.m.•1 views

CVE-2024-47226

5.4CVSS5.4AI score

Exploits0References2

CNNVD•added 2024/09/22 12:0 a.m.•1 views

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version 4.1.0, which stems from the presence of a stored cross-site scripting XSS vulnerability that allows ...

5.4CVSS5.4AI score0.001EPSS

Exploits1References4

Vulnrichment•added 2024/09/22 12:0 a.m.•9 views

CVE-2024-47226

5.2AI score0.001EPSS

Exploits1References2

CVE•added 2024/09/22 12:0 a.m.•49 views

CVE-2024-47226

NetBox 4.1.0 is affected by a stored XSS in the Admin panel’s Configuration History feature, via the /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the Top banner field. The issue’s validity is debated by third parties, arguing the banner is...

5.4CVSS5.2AI score0.001EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2024/09/21 12:0 a.m.•1 views

PT-2024-32485

Name of the Vulnerable Software and Affected Versions NetBox version 4.1.0 Description A stored cross-site scripting XSS issue exists within the "Configuration History" feature of the "Admin" panel via the "/core/config-revisions/" endpoint, specifically through the "Add" action. An authenticated...

5.4CVSS5.8AI score0.001EPSS

Exploits1References11

CNVD•added 2024/07/12 12:0 a.m.•7 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37587)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

7.1CVSS6.1AI score0.00282EPSS

Exploits1References1

CNVD•added 2024/07/12 12:0 a.m.•6 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37595)

7.1CVSS6.1AI score0.00282EPSS

Exploits1References1

CNVD•added 2024/07/12 12:0 a.m.•6 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37579)

6.1CVSS6.1AI score0.00181EPSS

Exploits1References1

CNVD•added 2024/07/12 12:0 a.m.•8 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37586)