3 matches found
CVE-2023-6002 Log Injection
YugabyteDB is vulnerable to cross site scripting XSS via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs...
CVE-2023-6002 Log Injection
YugabyteDB is vulnerable to cross site scripting XSS via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs...
CVE-2023-6002
YugabyteDB is affected by CVE-2023-6002: a cross-site scripting (XSS) vulnerability via log injection. The issue arises when invalidated user input is written to log files, which can allow an unprivileged attacker to forge log entries or inject malicious content into logs. The provided documents ...