3 matches found
CVE-2023-45815 Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context in ArchiveBox
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...
CVE-2023-45815 ArchiveBox: Viewing wget extractor output while logged in as an admin allows archived JS to execute in the admins context
ArchiveBox is an open source self-hosted web archiving system. Any users who are using the wget extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to...
CVE-2023-45815
The CVE-2023-45815 entry concerns ArchiveBox, an open source self-hosted web archiving system. The provided documents describe a vulnerability tied to the wget extractor: when a logged-in admin views archived pages, malicious JavaScript served from the same host can execute in the admin session, ...