Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Nuclei
Nucleiadded 18 hours ago65 views

Structurizr on-premises - Cross Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194. id: CVE-2023-5556 info: name: Structurizr on-premises - Cross Site Scripting author: shankaracharya severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository...

6.1CVSS5.9AI score0.27325EPSS
Exploits1References3
NVD
NVDadded 2023/10/12 11:15 a.m.11 views

CVE-2023-5556

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194...

6.1CVSS5.6AI score0.27325EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2023/10/12 10:32 a.m.17 views

CVE-2023-5556 Cross-site Scripting (XSS) - Reflected in structurizr/onpremises

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194...

5.3CVSS6.1AI score0.27325EPSS
Exploits1References2
CVE
CVEadded 2023/10/12 10:32 a.m.69 views

CVE-2023-5556

CVE-2023-5556 corresponds to a reflected Cross-Site Scripting (XSS) in Structurizr on-premises prior to 3194. The vulnerability is triggered via the version parameter in workspace URLs (e.g., GET /workspace/[workspaceid]?version=...). The issue allows an attacker to inject JavaScript in authentic...

6.1CVSS5.4AI score0.27325EPSS
Exploits1References2Affected Software1
OSV
OSVadded 2023/10/12 10:32 a.m.27 views

CVE-2023-5556 Cross-site Scripting (XSS) - Reflected in structurizr/onpremises

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194...

5.3CVSS5.6AI score0.27325EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2023/10/12 12:0 a.m.2 views

PT-2023-32174 · Structurizr · Structurizr/Onpremises

Name of the Vulnerable Software and Affected Versions: structurizr/onpremises versions prior to 3194 Description: The issue is related to Cross-site Scripting XSS - Reflected. This means that an attacker can inject malicious scripts into a website, which are then executed by the user's browser...

6.1CVSS5.1AI score0.27325EPSS
Exploits1References4
CNNVD
CNNVDadded 2023/10/12 12:0 a.m.2 views

onpremises Cross-Site Scripting Vulnerability

onpremises is an open source application from Structurizr. A cross-site scripting vulnerability exists in versions prior to onpremises 3194. An attacker could exploit this vulnerability to perform cross-site scripting attacks...

6.1CVSS6.1AI score0.27325EPSS
Exploits1References3
Huntr
Huntradded 2023/10/03 3:38 p.m.26 views

RXSS in onpremises version of structurizr

Description During investigation it was found that onpremises api endpoint GET parameter version is vulnerable to XSS injection: /workspace/workspaceid?version=1; Proof of Concept 1. Visit the link provided: http:///workspace/1/?version=1%22;alert1; 2. XSS injected...

5.8CVSS6.3AI score0.27325EPSS
Exploits1
Rows per page
Query Builder