CVE-2023-29457

2023-07-1300:00:00

ubuntu.com

reflected xss

action form

web application

malicious scripts

vulnerability

execution

6.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

0.001 Low

EPSS

Percentile

23.0%

JSON

Reflected XSS attacks, occur when a malicious script is reflected off a web
application to the victim’s browser. The script can be activated through
Action form fields, which can be sent as request to a website with a
vulnerability that enables execution of malicious scripts.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchzabbix< anyUNKNOWN
ubuntu22.04noarchzabbix< anyUNKNOWN
ubuntu23.10noarchzabbix< anyUNKNOWN