MEDIUMπŸ‡΅πŸ‡± Wersja polska

CVE-2023-40143

CVSS 5.4v3.1pub. 2024-02-06upd. 2024-11-21

An attacker with access to the Westermo Lynx web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "forward.0.domain" parameter.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
  • Westermo L206 F2g

    HW
    Westermo
    wszystkie wersje
  • Westermo L206 F2g Firmware

    OS
    Westermo
    4.24
πŸ”΅
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2023-38579HIGH8.0ten sam produkt

The cross-site request forgery token in the request may be predictable or easily guessable allowi...

CVE-2023-45735HIGH8.0ten sam produkt

A potential attacker with access to the Westermo Lynx device may be able to execute malicious code that c...

CVE-2023-42765MEDIUM5.4ten sam produkt

An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting ...

CVE-2023-45222MEDIUM5.4ten sam produkt

An attacker with access to the web application that has the vulnerable software could introduce arbitrary J...

CVE-2023-45227MEDIUM5.4ten sam produkt

An attacker with access to the web application with vulnerable software could introduce arbitra...

CVE-2023-40143 β€” Westermo β€” L206-F2G β€” MEDIUM β€” CVSS 5.4 | CVEbaza.pl