Lucene search

[email protected]NVD:CVE-2023-39938

HistorySep 05, 2023 - 9:15 a.m.

CVE-2023-39938

2023-09-0509:15:09

CWE-79

[email protected]

web.nvd.nist.gov

cross-site scripting

vulnerability

vi web client

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

46.3%

JSON

Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script.

Affected configurations

Nvd

Node

i-provideo_insightRange<7.9.6

VendorProductVersionCPE
i-provideo_insight*cpe:2.3:a:i-pro:video_insight:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
i-pro	video_insight	*	cpe:2.3:a:i-pro:video_insight::::::::

References

downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf

jvn.jp/en/jp/JVN60140221/

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

46.3%

JSON

Related for NVD:CVE-2023-39938

prion1 cve1 cvelist1 jvn1