TROYANOSYVIRUS
Volver a CVEs

CVE-2023-49453

MEDIUM
6.1

Descripcion

Reflected cross-site scripting (XSS) vulnerability in Racktables v0.22.0 and before, allows local attackers to execute arbitrary code and obtain sensitive information via the search component in index.php.

Detalles CVE

Puntuacion CVSS v3.16.1
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado3/12/2024
Ultima modificacion9/29/2025
Fuentenvd
Avistamientos honeypot0

Productos afectados

racktables_project:racktables

Debilidades (CWE)

CWE-79

Referencias

https://nitipoom-jar.github.io/CVE-2023-49453/(cve@mitre.org)
https://nitipoom-jaroonchaipipat.github.io/security-research-portal/2023-49453(cve@mitre.org)
https://nitipoom-jar.github.io/CVE-2023-49453/(af854a3a-2127-422b-91ae-364da2661108)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.