2 matches found
CVE-2023-36306
A Cross Site Scripting XSS vulnerability in Adiscon Aiscon LogAnalyzer through 4.1.13 allows a remote attacker to execute arbitrary code via the asktheoracle.php, details.php, index.php, search.php, export.php, reports.php, and statistics.php components...
CVE-2023-36306
CVE-2023-36306 affects Adiscon LogAnalyzer v4.1.13 and earlier. The vulnerability is a stored/reflected Cross-Site Scripting (XSS) that allows unauthenticated attackers to inject JavaScript via the asktheoracle.php parameter (uid), potentially stealing administrator session cookies and accessing ...