Security Advisory

CVE-2023-6002

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-07 23:56:50

Last updated 2024-09-17 13:03:18

Assigner Yugabyte

State PUBLISHED

Description

YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs.

← Browse all CVEs View on cve.org ↗