Security Advisory

CVE-2023-28158

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-29 12:21:46

Last updated 2025-02-13 16:45:40

Assigner apache

State PUBLISHED

Description

Privilege escalation via stored XSS using the file upload service to upload malicious content. The issue can be exploited only by authenticated users which can create directory name to inject some XSS content and gain some privileges such admin user.

← Browse all CVEs View on cve.org ↗