Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ClockworkmodScrypted

2 matches found

CVE
CVEadded 2023/12/13 9:38 p.m.45 views

CVE-2023-47623

CVE-2023-47623 corresponds to a reflected cross-site scripting (XSS) vulnerability in the Scrypted platform. The issue affects versions 0.55.0 and prior, occurring in the login flow via the redirect_uri parameter (and related login page handling). An attacker can supply a javascript: URL to execu...

6.1CVSS6AI score0.00098EPSS
CVE
CVEadded 2023/12/13 9:49 p.m.38 views

CVE-2023-47620

CVE-2023-47620 affects Scrypted up to v0.55.0, where a reflected Cross-Site Scripting (XSS) vulnerability exists in the plugin-http.ts endpoint using the owner and pkg parameters. The vulnerability allows an attacker to inject arbitrary JavaScript by reflecting user-controlled input back in the r...

6.1CVSS6AI score0.00219EPSS