2 matches found
CVE-2023-33790
A stored cross-site scripting XSS vulnerability in the Create Locations /dcim/locations/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33790
NetBox v3.5.1 contains a stored XSS in the Create Locations (/dcim/locations/) Name field. The vulnerability allows an attacker to inject arbitrary web scripts/HTML, with impact limited to user’s session and potentially broader depending on context, as described across multiple feeds (including R...