Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-37531
HistoryFeb 29, 2024 - 1:40 a.m.

CVE-2023-37531

2024-02-2901:40:04
[email protected]
web.nvd.nist.gov
5
cve-2023-37531
cross-site scripting
xss vulnerability
web reports
hcl bigfix platform
execute malicious javascript
form field
privileged access

CVSS3

3.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

AI Score

4.3

Confidence

High

EPSS

0

Percentile

9.0%

JSON

A cross-site scripting (XSS) vulnerability in the Web Reports component of HCL BigFix Platform can possibly allow an attacker to execute malicious javascript code into a form field of a webpage by a user with privileged access.

Related

cvelist 1
vulnrichment 1
cve 1
prion 1
nessus 1
cvelist
cvelist
CVE-2023-37531 A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform
2024-02-02 20:07:44
vulnrichment
vulnrichment
CVE-2023-37531 A cross-site scripting (XSS) vulnerability affects HCL BigFix Platform
2024-02-02 20:07:44
cve
cve
CVE-2023-37531
2024-02-29 01:40:04
prion
prion
Cross site scripting
2024-02-29 01:40:00
nessus
nessus
HCL BigFix Server 9.5.x < 9.5.24 / 10.0.x < 10.0.10 / 11.0.x < 11.0.1 Multiple Vulnerabilities (KB0110209)
2024-02-08 00:00:00

CVSS3

3.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N

AI Score

4.3

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for NVD:CVE-2023-37531
cvelist1vulnrichment1cve1prion1nessus1