Lucene search
PRIOn knowledge basePRION:CVE-2023-38501HistoryJul 25, 2023 - 10:15 p.m.
Cross site scripting
2023-07-2522:15:00
PRIOn knowledge base
www.prio-n.com
13
copyparty
reflected cross-site scripting
file server software
vulnerability
version 1.8.7
patch
0.002 Low
EPSS
Percentile
59.5%
copyparty is file server software. Prior to version 1.8.7, the application contains a reflected cross-site scripting via URL-parameter ?k304=... and ?setck=.... The worst-case outcome of this is being able to move or delete existing files on the server, or upload new files, using the account of the person who clicks the malicious link. It is recommended to change the passwords of one’s copyparty accounts, unless one have inspected one’s logs and found no trace of attacks. Version 1.8.7 contains a patch for the issue.
Related
nuclei
nuclei
CopyParty v1.8.6 - Cross Site Scripting
2023-10-05 15:08:15
veracode
veracode
Cross-Site Scripting (XSS)
2023-07-26 09:09:26
osv
osv
Reflected cross-site scripting via k304 parameter
2023-07-25 17:49:21
PYSEC-2023-132
2023-07-25 22:15:00
CVE-2023-38501
2023-07-25 22:15:10
github
github
Reflected cross-site scripting via k304 parameter
2023-07-25 17:49:21
githubexploit
githubexploit
Exploit for Cross-site Scripting in Copyparty Project Copyparty
2023-10-06 02:55:05
packetstorm
packetstorm
Copyparty 1.8.6 Cross Site Scripting
2023-07-31 00:00:00
cve
cve
CVE-2023-38501
2023-07-25 22:15:10
nvd
nvd
CVE-2023-38501
2023-07-25 22:15:10
cvelist
cvelist
zdt
zdt
copyparty v1.8.6 - Reflected Cross Site Scripting Vulnerability
2023-07-28 00:00:00
exploitdb
exploitdb
copyparty v1.8.6 - Reflected Cross Site Scripting (XSS)
2023-07-28 00:00:00