An XSS vulnerability stored in Repox has been identified, which allows a local attacker to store a specially crafted JavaScript payload on the server, due to the lack of proper sanitisation of field elements, allowing the attacker to trigger the malicious payload when the application loads.
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-repox | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-12-13T10:04:07.091Z
Updated: 2023-12-13T10:04:07.091Z
Reserved: 2023-12-12T08:04:45.812Z
Link: CVE-2023-6720
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-12-13T10:15:11.403
Modified: 2023-12-18T17:45:01.760
Link: CVE-2023-6720
JSON object: View
Redhat Information
No data.
CWE