3 matches found
CVE-2023-46471
This CVE (CVE-2023-46471) concerns Space Applications Services Yamcs v5.8.6. The vulnerability is a stored cross-site scripting flaw in the ScriptViewer, exploitable via the scriptContainer variable, allowing a remote attacker to execute arbitrary code. Affected component: ScriptViewer in Yamcs 5...
CVE-2023-46470
The CVE-2023-46470 entry concerns Space Applications Services Yamcs v5.8.6, where a Cross Site Scripting (stored XSS) vulnerability in the ArchiveBrowser’s Timeline view could allow a remote attacker to execute arbitrary code via a crafted telecommand. Affected component: Yamcs 5.8.6; root cause:...
CVE-2023-47311
CVE-2023-47311 affects Yamcs 5.8.6. The issue allows attackers to send arbitrary telecommands in a Command Stack via Clickjacking. Affected component is Yamcs’ Command Stack handling; root cause is described as a clickjacking path that enables issuance of unauthorized commands. Documented impact ...