44 matches found
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
CVE-2023-43121 concerns Extreme Networks Switch Engine (EXOS) Chalet application. A directory traversal flaw in Chalet (root cause: improper handling of file paths) enables reading arbitrary files. Affected EXOS versions are prior to 32.5.1.5, prior to 22.7, and prior to 31.7.2. Impact is read ac...
CVE-2023-43118
The CVE-2023-43118 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the Chalet application of Extreme Networks Switch Engine (EXOS). Affected versions are EXOS prior to 32.5.1.5 (also listed as pre-32.5.1.5 in various sources). The underlying issue enables an attacker to execu...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
PT-2023-28703 · Extreme Networks · Extreme Networks Switch Engine
Name of the Vulnerable Software and Affected Versions: Extreme Networks Switch Engine EXOS versions prior to 31.7.2 Extreme Networks Switch Engine EXOS versions prior to 32.5.1.5 Description: A Cross Site Request Forgery CSRF issue in the Chalet application allows attackers to run arbitrary code...
Extreme Networks Switch Engine Cross-Site Request Forgery Vulnerability
Extreme Networks Switch Engine EXOS is a switch engine from Extreme Networks, Inc. A security vulnerability exists in Extreme Networks Switch Engine versions prior to 32.5.1.5, which stems from a cross-site request forgery CSRF vulnerability in the Chalet application. An attacker could exploit th...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
Extreme Networks Switch Engine Path Traversal Vulnerability
Extreme Networks Switch Engine EXOS is a switch engine from Extreme Networks. A security vulnerability exists in Extreme Networks Switch Engine that stems from a directory traversal vulnerability in the Chalet application. The vulnerability can be exploited to read arbitrary files. Affected...
chalet-vallouise.com Cross Site Scripting vulnerability OBB-3576026
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-kerber.at Cross Site Scripting vulnerability OBB-3295336
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-alpenrose.it Cross Site Scripting vulnerability OBB-3273047
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-vlus.com Cross Site Scripting vulnerability OBB-2966761
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-oz.com Cross Site Scripting vulnerability OBB-2966760
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
zaxsportschalet.com Cross Site Scripting vulnerability OBB-2645888
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-labbe.com Cross Site Scripting vulnerability OBB-2551134
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-lyrique.fr Cross Site Scripting vulnerability OBB-2331712
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chalet-freiraum.at Cross Site Scripting vulnerability OBB-1462569
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
chalet-datz.de Cross Site Scripting vulnerability OBB-1404852
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
chalet-datz.de Cross Site Scripting vulnerability OBB-1348265
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...