Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:5 a.m.7 views

CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting XSS. File upload check binary of img, but without strictly check file suffix at /server/fast.py - ApiUploadHandler.post causes stored XSS...

5.4CVSS6.3AI score0.00384EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/07/11 3:15 p.m.4 views

CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting XSS. File upload check binary of img, but without strictly check file suffix at /server/fast.py - ApiUploadHandler.post causes stored XSS...

5.4CVSS6AI score0.00384EPSS
Exploits1References2
NVD
NVD
added 2023/07/11 3:15 p.m.26 views

CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting XSS. File upload check binary of img, but without strictly check file suffix at /server/fast.py - ApiUploadHandler.post causes stored XSS...

5.4CVSS5.2AI score0.00384EPSS
Exploits1References1
CVE
CVE
added 2023/07/11 12:0 a.m.2492 views

CVE-2023-37658

CVE-2023-37658 affects fast-poster v2.15.0. The vulnerability is in the file upload path: ApiUploadHandler.post in /server/fast.py, where the image check is based on binary data and does not strictly verify the file suffix, enabling stored XSS. Several connected sources confirm this issue; exploi...

5.4CVSS5.1AI score0.00384EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/07/11 12:0 a.m.20 views

CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting XSS. File upload check binary of img, but without strictly check file suffix at /server/fast.py - ApiUploadHandler.post causes stored XSS...

5.4CVSS5.6AI score0.00384EPSS
Exploits1References3
Rows per page
Query Builder