2 matches found
CVE-2023-33800
CVE-2023-33800 is a stored XSS in NetBox v3.5.1 affecting the Create Regions endpoint (/dcim/regions/). The Name field can be injected to execute arbitrary scripts/HTML. Public sources consistently describe a stored XSS applicable to NetBox 3.5.1, with a CVSS v3.1 base score of 5.4 (Medium) and a...
CVE-2023-33800
A stored cross-site scripting XSS vulnerability in the Create Regions /dcim/regions/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...