6 matches found
CVE-2023-33792
A stored cross-site scripting XSS vulnerability in the Create Site Groups /dcim/site-groups/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-33795
A stored cross-site scripting XSS vulnerability in the Create Contact Roles /tenancy/contact-roles/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...
CVE-2023-36234
Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...
PT-2023-24488 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Rack Roles function, specifically at the /dcim/rack-roles/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a...
PT-2023-24500 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Sites function, specifically at the /dcim/sites/ endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a crafted paylo...
PT-2023-24502 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Contacts function, specifically at the /tenancy/contacts/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecting a...