OCSInventory allow stored email template with special characters that lead to a Stored cross-site Scripting.
References
Link | Resource |
---|---|
https://fluidattacks.com/advisories/creed/ | Exploit Third Party Advisory |
https://ocsinventory-ng.org/ | Product |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2024-01-04T14:39:43.942Z
Updated: 2024-01-04T14:39:43.942Z
Reserved: 2023-07-17T22:17:31.210Z
Link: CVE-2023-3726
JSON object: View
NVD Information
Status : Analyzed
Published: 2024-01-04T15:15:09.117
Modified: 2024-01-11T13:40:50.757
Link: CVE-2023-3726
JSON object: View
Redhat Information
No data.
CWE