Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed.
References
Configurations
History
07 Nov 2023, 04:14
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
11 Jul 2023, 18:08
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-79 | |
References | (MISC) https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:sophos:iview:-:*:*:*:*:*:*:* | |
First Time |
Sophos iview
Sophos |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
05 Jul 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-05 18:15
Updated : 2024-02-28 20:13
NVD link : CVE-2023-33335
Mitre link : CVE-2023-33335
CVE.ORG link : CVE-2023-33335
JSON object : View
Products Affected
sophos
- iview
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')