Lucene search
MitreVULNRICHMENT:CVE-2023-27149HistoryOct 23, 2023 - 12:00 a.m.
CVE-2023-27149
2023-10-2300:00:00
mitre
github.com
2
stored xss
enhancesoft osticket v1.17.2
arbitrary code execution
crafted payload
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
20.8%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
A stored cross-site scripting (XSS) vulnerability in Enhancesoft osTicket v1.17.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Label input parameter when updating a custom list.
Related
osv
osv
CVE-2023-27149
2023-10-23 20:15:08
prion
prion
Cross site scripting
2023-10-23 20:15:00
cvelist
cvelist
CVE-2023-27149
2023-10-23 00:00:00
cve
cve
CVE-2023-27149
2023-10-23 20:15:08
nvd
nvd
CVE-2023-27149
2023-10-23 20:15:08
AI Score
5.5
Confidence
High
EPSS
0.001
Percentile
20.8%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-27149