The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL.
References
Link | Resource |
---|---|
https://github.com/hosakauk/exploits/blob/master/listserv_report_xss.MD | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-03-05T00:00:00
Updated: 2023-03-05T00:00:00
Reserved: 2023-03-05T00:00:00
Link: CVE-2023-27641
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-03-05T22:15:08.887
Modified: 2023-03-13T16:34:20.063
Link: CVE-2023-27641
JSON object: View
Redhat Information
No data.
CWE