CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-29836

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solutions (EUCS) v.1.0 allows a remote attacker to execute arbitrary code via the Username parameter of the eucsAdmin login form.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 54.6%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/IthacaLabs/Exelysis
https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS.txt
https://github.com/IthacaLabs/Exelysis
https://github.com/IthacaLabs/Exelysis/blob/main/EUCS%20Admin%20Login%20XSS.txt

Products affected by CVE-2023-29836

Exelysis » Exelysis Unified Communications Solution » Version: 1.0

cpe:2.3:a:exelysis:exelysis_unified_communications_solution:1.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-29836

Products

Pricing

Contact Us