CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3 matches found

NVD•added 2024/07/09 6:15 p.m.•14 views

CVE-2024-40728

A cross-site scripting XSS vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/id/edit/...

7.1CVSS0.00218EPSS

Exploits1References1

CNNVD•added 2024/07/09 12:0 a.m.•1 views

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.2AI score0.00308EPSS

Exploits1References2

CVE•added 2024/07/09 12:0 a.m.•66 views

CVE-2024-40728

NetBox v4.0.3 is affected by an XSS flaw in the /dcim/console-server-ports/{id}/edit/ Name field due to insufficient filtering/escaping of user input. Multiple sources (Red Hat, CNVD, OSV, NVD, CVE listings) confirm a cross-site scripting vulnerability that could allow an attacker to inject arbit...

7.1CVSS5.8AI score0.00218EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by