CVE-2023-33793

A stored cross-site scripting XSS vulnerability in the Create Power Panels /dcim/power-panels/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...

PT-2023-24496 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: A stored cross-site scripting XSS issue exists in the Create Power Panels function, specifically at the /dcim/power-panels/ API endpoint, allowing attackers to execute arbitrary web scripts or HTML by injecti...

CVE-2023-33793

CVE-2023-33793 is a stored XSS affecting NetBox v3.5.1 in the Create Power Panels API at /dcim/power-panels/ via the Name field. Multiple sources corroborate the flaw; the NVD entry assigns CVSSv3.1 base score 5.4 (Medium) with network attack vector, low complexity, user interaction required. The...

CVE-2023-33793

A stored cross-site scripting XSS vulnerability in the Create Power Panels /dcim/power-panels/ function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field...