480 matches found
CVE-2024-56915
Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting XSS via the RSS feed widget...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56916
A cross-site scripting flaw was found in Netbox. An attacker with an authenticated account on the system can add malicious Javascript code to a banner field and potentially execute this code in the context of another user's session. Mitigation Mitigation for this issue is either not available or...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56918
A Cross-site scripting flaw was found in Netbox. This flaw allows an attacker with an account on the system to exfiltrate user data from the login form. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteri...
Netbox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from NetBox Community. A security vulnerability exists in Netbox Community version 4.1.7, which stems from unfiltered user input in the current value field in Configuration...
PT-2025-26758 · Unknown · Netbox Community
Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: The login page in Netbox Community is vulnerable to cross-site scripting XSS, allowing a privileged, authenticated attacker to exfiltrate user input from the login form. This issue enables the...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
Netbox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in Netbox version 4.1.7, which stems from a flaw in the maintenance banner that could lead to cross-site scripting...
CVE-2024-56918
In Netbox Community 4.1.7, the login page is vulnerable to cross-site scripting XSS, which allows a privileged, authenticated attacker to exfiltrate user input from the login form...
CVE-2024-56916
In Netbox Community 4.1.7, once authenticated, Configuration History Addis vulnerable to cross-site scripting XSS due to the current value field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a...
Netbox 安全漏洞
NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in Netbox version 4.1.7, which stems from a flaw in the login page that could lead to a cross-site scripting attack...
CVE-2024-56918
CVE-2024-56918 affects Netbox Community 4.1.7, with a login-page cross-site scripting (XSS) vulnerability that can exfiltrate privileged, authenticated user input from the login form. The documents do not provide concrete exploit details or a confirmed patch version. Some entries reference mitiga...
CVE-2024-56917
Netbox Community 4.1.7 is vulnerable to Cross Site Scripting XSS via the maintenance banner in maintenance mode...
CVE-2024-56917
CVE-2024-56917 affects NetBox Community 4.1.7. The vulnerability is a cross-site scripting (XSS) flaw in the maintenance banner when NetBox runs in maintenance mode, allowing injected JavaScript to execute in a viewer’s browser. Affected component is the maintenance banner handling; root cause de...
PT-2025-26761 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox Community version 4.1.7 Description: In Netbox Community, once authenticated, the Configuration History Add option is vulnerable to cross-site scripting XSS due to the current value field rendering user-supplied HTML. An authenticated...