Security Advisory

CVE-2023-4592

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-03 11:04:22

Last updated 2024-09-05 13:58:49

Assigner INCIBE

State PUBLISHED

Description

A Cross-Site Scripting vulnerability has been detected in WPN-XM Serverstack affecting version 0.8.6. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload through the /tools/webinterface/index.php parameter and retrieve the cookie session details of an authenticated user, resulting in a session hijacking.

← Browse all CVEs View on cve.org ↗