480 matches found
CVE-2023-33797
A stored cross-site scripting XSS vulnerability in the Create Sites /dcim/sites/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33790
A stored cross-site scripting XSS vulnerability in the Create Locations /dcim/locations/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33798
A stored cross-site scripting XSS vulnerability in the Create Rack /dcim/rack/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33793
A stored cross-site scripting XSS vulnerability in the Create Power Panels /dcim/power-panels/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33787
A stored cross-site scripting XSS vulnerability in the Create Tenant Groups /tenancy/tenant-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33791
A stored cross-site scripting XSS vulnerability in the Create Provider Accounts /circuits/provider-accounts/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33793
A stored cross-site scripting XSS vulnerability in the Create Power Panels /dcim/power-panels/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33785
A stored cross-site scripting XSS vulnerability in the Create Rack Roles /dcim/rack-roles/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33794
A stored cross-site scripting XSS vulnerability in the Create Tenants /tenancy/tenants/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33796
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; querie...
CVE-2023-33787
A stored cross-site scripting XSS vulnerability in the Create Tenant Groups /tenancy/tenant-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33792
A stored cross-site scripting XSS vulnerability in the Create Site Groups /dcim/site-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33789
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33796
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; querie...
CVE-2023-33789
A stored cross-site scripting XSS vulnerability in the Create Contact Groups /tenancy/contact-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33785
A stored cross-site scripting XSS vulnerability in the Create Rack Roles /dcim/rack-roles/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33794
A stored cross-site scripting XSS vulnerability in the Create Tenants /tenancy/tenants/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33794
A stored cross-site scripting XSS vulnerability in the Create Tenants /tenancy/tenants/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33796
A vulnerability in Netbox v3.5.1 allows unauthenticated attackers to execute queries against the GraphQL database, granting them access to sensitive data stored in the database. NOTE: the vendor disputes this because the reporter's only query was for the schema of the API, which is public; querie...
CVE-2023-33787
A stored cross-site scripting XSS vulnerability in the Create Tenant Groups /tenancy/tenant-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...