2 matches found
CVE-2023-33792
A stored cross-site scripting XSS vulnerability in the Create Site Groups /dcim/site-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33792
NetBox CVE-2023-33792 is a stored XSS in the Create Site Groups API (/dcim/site-groups/) affecting NetBox v3.5.1. The payload is injected into the Name field, allowing execution of arbitrary web scripts or HTML. CVSS v3.1 base score 5.4 (MEDIUM) with network attack vector, user interaction requir...