9 matches found
CVE-2023-26061
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
CVE-2023-26061
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
CVE-2023-26061
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
Input validation
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
CVE-2023-26061
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
CVE-2023-26061
Nokia NetAct
The vulnerability of the Alarm Reports Dashboard, a component of the NetAct network management system, allows a violator to perform cross-site scenario attacks.
The vulnerability of the Alarm Reports Dashboard of the NetAct network management system is related to insufficient protection of the website structure during task creation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...
PT-2022-05: Stored Cross-Site Scripting (XSS)
Input validation was missing while creating the schedule task in alarm reports dashboard. An attacker can create a script to inject XSS. The attack can only be performed by an internal user. The vulnerability is fixed in NetAct 22 FP2211 and onwards. Advisory status 10.10.2022 - Vendor gets...
PT-2022-6441 · Nokia · Nokia Netact
Name of the Vulnerable Software and Affected Versions: Nokia NetAct versions prior to 22 FP2211 Description: The issue is related to insufficient protection of the web page structure when creating tasks. It allows an attacker to perform cross-site scripting XSS attacks by injecting scripts. The...