 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2023-28158 |
| Description: | Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user. |
| Test IDs: | 1.3.6.1.4.1.25623.1.0.149477 |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2023-28158 https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt https://lists.apache.org/thread/8pm6d5y9cptznm0bdny3n8voovmm0dtt http://www.openwall.com/lists/oss-security/2023/04/18/2 |