Vulnerability Details CVE-2023-34637
A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.5%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2023-34637
-
cpe:2.3:a:isarnet:isarflow:5.12
-
cpe:2.3:a:isarnet:isarflow:5.13
-
cpe:2.3:a:isarnet:isarflow:5.14
-
cpe:2.3:a:isarnet:isarflow:5.15
-
cpe:2.3:a:isarnet:isarflow:5.18
-
cpe:2.3:a:isarnet:isarflow:5.19
-
cpe:2.3:a:isarnet:isarflow:5.20
-
cpe:2.3:a:isarnet:isarflow:5.21
-
cpe:2.3:a:isarnet:isarflow:5.22
-
cpe:2.3:a:isarnet:isarflow:5.23