CVE-2023-49258

CVSS V2 None CVSS V3 None
Description
User browser may be forced to execute JavaScript and pass the authentication cookie to the attacker leveraging the XSS vulnerability located at "/gui/terminal_tool.cgi" in the "data" parameter.
Overview
  • CVE ID
  • CVE-2023-49258
  • Assigner
  • CERT-PL
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-01-12T14:24:57.134Z
  • Last Modified Date
  • 2024-01-12T14:24:57.134Z
References
Reference URL Reference Tags
https://cert.pl/en/posts/2024/01/CVE-2023-49253/ third-party-advisory
https://cert.pl/posts/2024/01/CVE-2023-49253/ third-party-advisory
History
Created Old Value New Value Data Type Notes
2024-06-25 13:04:54 Added to TrackCVE