2 matches found
CVE-2024-47226
A stored cross-site scripting XSS vulnerability exists in NetBox 4.1.0 within the "Configuration History" feature of the "Admin" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the "Top banner" field. NOTE: Multiple third parties...
PT-2024-32485
Name of the Vulnerable Software and Affected Versions NetBox version 4.1.0 Description A stored cross-site scripting XSS issue exists within the "Configuration History" feature of the "Admin" panel via the "/core/config-revisions/" endpoint, specifically through the "Add" action. An authenticated...