Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed.
References
Configurations
History
21 Nov 2024, 08:05
Type | Values Removed | Values Added |
---|---|---|
References | () https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-%28XSS%29-in-Sophos-iView.html - |
07 Nov 2023, 04:14
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
11 Jul 2023, 18:08
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html - Exploit, Third Party Advisory | |
CPE | cpe:2.3:a:sophos:iview:-:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
First Time |
Sophos iview
Sophos |
|
CWE | CWE-79 |
05 Jul 2023, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-05 18:15
Updated : 2024-11-21 08:05
NVD link : CVE-2023-33335
Mitre link : CVE-2023-33335
CVE.ORG link : CVE-2023-33335
JSON object : View
Products Affected
sophos
- iview
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')