480 matches found
PT-2023-24499 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A vulnerability allows unauthenticated attackers to execute queries against the GraphQL database, potentially granting them access to sensitive data stored in the database. However, the vendor disputes this,...
CVE-2023-33793
CVE-2023-33793 is a stored XSS affecting NetBox v3.5.1 in the Create Power Panels API at /dcim/power-panels/ via the Name field. Multiple sources corroborate the flaw; the NVD entry assigns CVSSv3.1 base score 5.4 (Medium) with network attack vector, low complexity, user interaction required. The...
CVE-2023-33797
Summary: CVE-2023-33797 is a stored XSS vulnerability in NetBox v3.5.1 affecting the Create Sites endpoint (/dcim/sites/) where a crafted payload injected into the Name field can execute arbitrary scripts/HTML. Technical details in sources indicate NetBox 3.5.1 is affected; no explicit exploit co...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from the presence of a stored cross-site scripting XSS vulnerability that allows...
PT-2023-24496 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Power Panels function, specifically at the /dcim/power-panels/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecti...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox v3.5.1, which stems from a security issue in the Create Contact Roles /tenancy/contact-roles/ feature that c...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Tenants /tenancy/tenants/ feature, and can b...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Sites /dcim/sites/ feature, and can be...
CVE-2023-33795
A stored cross-site scripting XSS vulnerability in the Create Contact Roles /tenancy/contact-roles/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33792
A stored cross-site scripting XSS vulnerability in the Create Site Groups /dcim/site-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33799
A stored cross-site scripting XSS vulnerability in the Create Contacts /tenancy/contacts/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33794
A stored cross-site scripting XSS vulnerability in the Create Tenants /tenancy/tenants/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33798
A stored cross-site scripting XSS vulnerability in the Create Rack /dcim/rack/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Rack /dcim/rack/ feature, and can be exploit...
CVE-2023-33792
NetBox CVE-2023-33792 is a stored XSS in the Create Site Groups API (/dcim/site-groups/) affecting NetBox v3.5.1. The payload is injected into the Name field, allowing execution of arbitrary web scripts or HTML. CVSS v3.1 base score 5.4 (MEDIUM) with network attack vector, user interaction requir...
CVE-2023-33794
NetBox 3.5.1 is affected by a stored XSS vulnerability in the Create Tenants API (endpoint /tenancy/tenants/) where an attacker can inject arbitrary web scripts/HTML via the Name field. Multiple connected sources (NVD, Red Hat, OSV, CVE.org, CNNVD, etc.) confirm the issue as a stored XSS conditio...
CVE-2023-33790
A stored cross-site scripting XSS vulnerability in the Create Locations /dcim/locations/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
NetBox 跨站脚本漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version v3.5.1, which stems from a security issue in the Create Regions /dcim/regions/ function, and can be...
CVE-2023-33795
A stored cross-site scripting XSS vulnerability in the Create Contact Roles /tenancy/contact-roles/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
PT-2023-24488 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Rack Roles function, specifically at the /dcim/rack-roles/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a...