Vulnerability Details CVE-2023-32000
A Cross-Site Scripting (XSS) vulnerability found in UniFi Network (Version 7.3.83 and earlier) allows a malicious actor with Site Administrator credentials to escalate privileges by persuading an Administrator to visit a malicious web page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.2%
CVSS Severity
CVSS v3 Score 4.8
References
Products affected by CVE-2023-32000
-
cpe:2.3:a:ui:unifi_network_application:-
-
cpe:2.3:a:ui:unifi_network_application:6.2.23
-
cpe:2.3:a:ui:unifi_network_application:6.2.25
-
cpe:2.3:a:ui:unifi_network_application:6.2.26
-
cpe:2.3:a:ui:unifi_network_application:6.4.54
-
cpe:2.3:a:ui:unifi_network_application:6.5.51
-
cpe:2.3:a:ui:unifi_network_application:6.5.52
-
cpe:2.3:a:ui:unifi_network_application:6.5.53
-
cpe:2.3:a:ui:unifi_network_application:6.5.54
-
cpe:2.3:a:ui:unifi_network_application:6.5.55
-
cpe:2.3:a:ui:unifi_network_application:7.0.20
-
cpe:2.3:a:ui:unifi_network_application:7.0.21
-
cpe:2.3:a:ui:unifi_network_application:7.0.22
-
cpe:2.3:a:ui:unifi_network_application:7.0.23
-
cpe:2.3:a:ui:unifi_network_application:7.0.25
-
cpe:2.3:a:ui:unifi_network_application:7.1.61
-
cpe:2.3:a:ui:unifi_network_application:7.1.65
-
cpe:2.3:a:ui:unifi_network_application:7.1.66
-
cpe:2.3:a:ui:unifi_network_application:7.1.67
-
cpe:2.3:a:ui:unifi_network_application:7.1.68
-
cpe:2.3:a:ui:unifi_network_application:7.2.91
-
cpe:2.3:a:ui:unifi_network_application:7.2.92
-
cpe:2.3:a:ui:unifi_network_application:7.2.93
-
cpe:2.3:a:ui:unifi_network_application:7.2.94
-
cpe:2.3:a:ui:unifi_network_application:7.2.95
-
cpe:2.3:a:ui:unifi_network_application:7.2.97
-
cpe:2.3:a:ui:unifi_network_application:7.3.76
-
cpe:2.3:a:ui:unifi_network_application:7.3.81
-
cpe:2.3:a:ui:unifi_network_application:7.3.83