Security Advisory

CVE-2023-30454

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-04-28 00:00:00

Last updated 2025-01-30 20:35:47

Assigner mitre

State PUBLISHED

Description

An issue was discovered in ebankIT before 7. Document Object Model based XSS exists within the /Security/Transactions/Transactions.aspx endpoint. Users can supply their own JavaScript within the ctl100$ctl00MainContent$TransactionMainContent$accControl$hdnAccountsArray POST parameter that will be passed to an eval() function and executed upon pressing the continue button.

← Browse all CVEs View on cve.org ↗