Lucene search
MitreVULNRICHMENT:CVE-2023-27148HistoryOct 23, 2023 - 12:00 a.m.
CVE-2023-27148
2023-10-2300:00:00
mitre
github.com
1
enhancesoft osticket
stored xss
admin panel
vulnerability
cross-site scripting
payload injection
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
20.8%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
A stored cross-site scripting (XSS) vulnerability in the Admin panel in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Role Name parameter.
Related
nvd
nvd
CVE-2023-27148
2023-10-23 20:15:08
prion
prion
Cross site scripting
2023-10-23 20:15:00
cve
cve
CVE-2023-27148
2023-10-23 20:15:08
cvelist
cvelist
CVE-2023-27148
2023-10-23 00:00:00
osv
osv
CVE-2023-27148
2023-10-23 20:15:08
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
20.8%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-27148