Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the org_name or domain values.
References
Link | Resource |
---|---|
https://github.com/techsneeze/dmarcts-report-viewer/pull/88 | Vendor Advisory |
https://xmit.xyz/security/dmarcd-for-death/ | Exploit Technical Description Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-22T00:00:00
Updated: 2023-06-22T00:00:00
Reserved: 2023-06-07T00:00:00
Link: CVE-2023-34796
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-22T19:15:08.917
Modified: 2023-06-30T16:30:21.087
Link: CVE-2023-34796
JSON object: View
Redhat Information
No data.
CWE