Lucene search
+L

484 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:3 a.m.13 views

CVE-2023-33800

A stored cross-site scripting XSS vulnerability in the Create Regions /dcim/regions/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

5.4CVSS5.6AI score0.00397EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 a.m.8 views

CVE-2019-25011

NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments...

5.4CVSS6AI score0.00555EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/10 11:23 p.m.6 views

CVE-2024-47226

A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...

5.4CVSS5.3AI score0.00289EPSS
Exploits1References1
Veracode
Veracode
added 2024/09/30 6:0 a.m.7 views

Cross-site Scripting (XSS)

NetBox is vulnerable to stored cross-site scripting XSS. The vulnerability is due to improper sanitization in the "Top banner" field within the "Configuration History" feature of the "Admin" panel, allowing an authenticated user to inject arbitrary JavaScript or HTML...

5.4CVSS5.8AI score0.00289EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2024/09/22 2:15 a.m.11 views

CVE-2024-47226

A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...

5.4CVSS0.00289EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/09/22 12:0 a.m.10 views

CVE-2024-47226

A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...

5.2AI score0.00289EPSS
Exploits1References2
OSV
OSV
added 2024/09/22 12:0 a.m.4 views

CVE-2024-47226

A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...

5.4CVSS5.4AI score0.00289EPSS
Exploits1References4
CVE
CVE
added 2024/09/22 12:0 a.m.64 views

CVE-2024-47226

NetBox 4.1.0 is affected by a stored XSS in the Admin panel’s Configuration History feature, via the /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the Top banner field. The issue’s validity is debated by third parties, arguing the banner is...

5.4CVSS5.2AI score0.00289EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/09/22 12:0 a.m.5 views

NetBox 安全漏洞

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version 4.1.0, which stems from the presence of a stored cross-site scripting XSS vulnerability that allows ...

5.4CVSS5.4AI score0.00289EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/09/21 12:0 a.m.7 views

PT-2024-32485

Name of the Vulnerable Software and Affected Versions NetBox version 4.1.0 Description A stored cross-site scripting XSS issue exists within the "Configuration History" feature of the "Admin" panel via the "/core/config-revisions/" endpoint, specifically through the "Add" action. An authenticated...

5.4CVSS5.8AI score0.00289EPSS
Exploits1References11
CNVD
CNVD
added 2024/07/12 12:0 a.m.12 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37581)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00353EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.25 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37593)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00353EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.39 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37589)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00376EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.43 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37592)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00376EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.53 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37586)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.004EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.44 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37583)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00353EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.43 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37580)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

7.1CVSS6.1AI score0.00353EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.29 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37585)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.004EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.46 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37579)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

6.1CVSS6.1AI score0.00451EPSS
Exploits1References1
CNVD
CNVD
added 2024/07/12 12:0 a.m.41 views

NetBox Cross-Site Scripting Vulnerability (CNVD-2024-37587)

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A cross-site scripting vulnerability exists in NetBox v4.0.3, which stems from the lack of effective filtering and escaping of user-supplied data in t...

7.1CVSS6.1AI score0.004EPSS
Exploits1References1
Rows per page
Query Builder