Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.5 views

CVE-2023-26061

An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...

6.8CVSS6.8AI score0.00371EPSS
Exploits0References1
OSV
OSV
added 2023/04/24 5:15 p.m.5 views

CVE-2023-26061

An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...

5.4CVSS5.7AI score0.00371EPSS
Exploits0References2
NVD
NVD
added 2023/04/24 5:15 p.m.17 views

CVE-2023-26061

An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...

6.8CVSS6.6AI score0.00371EPSS
Exploits0References2
Prion
Prion
added 2023/04/24 5:15 p.m.26 views

Input validation

An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...

4.9CVSS5.4AI score0.00371EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/04/24 12:0 a.m.8 views

CVE-2023-26061

An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...

6.8CVSS6.6AI score0.00371EPSS
Exploits0References2
CVE
CVE
added 2023/04/24 12:0 a.m.43 views

CVE-2023-26061

Nokia NetAct

6.8CVSS5.4AI score0.00371EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/20 12:0 a.m.6 views

The vulnerability of the Alarm Reports Dashboard, a component of the NetAct network management system, allows a violator to perform cross-site scenario attacks.

The vulnerability of the Alarm Reports Dashboard of the NetAct network management system is related to insufficient protection of the website structure during task creation. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

6.8CVSS5.6AI score0.00371EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.11 views

PT-2022-05: Stored Cross-Site Scripting (XSS)

Input validation was missing while creating the schedule task in alarm reports dashboard. An attacker can create a script to inject XSS. The attack can only be performed by an internal user. The vulnerability is fixed in NetAct 22 FP2211 and onwards. Advisory status 10.10.2022 - Vendor gets...

6.8CVSS5.8AI score0.00371EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2022/10/10 12:0 a.m.5 views

PT-2022-6441 · Nokia · Nokia Netact

Name of the Vulnerable Software and Affected Versions: Nokia NetAct versions prior to 22 FP2211 Description: The issue is related to insufficient protection of the web page structure when creating tasks. It allows an attacker to perform cross-site scripting XSS attacks by injecting scripts. The...

6.8CVSS5.4AI score0.00371EPSS
Exploits0References6
Rows per page
Query Builder