CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38435

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting (XSS) attack. Upgrade to Apache Felix Healthcheck Webconsole Plugin 2.1.0 or higher.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.2%

CVSS Severity

CVSS v3 Score 6.1

References

Products affected by CVE-2023-38435

Apache » Felix Health Check Webconsole Plugin » Version: N/A

cpe:2.3:a:apache:felix_health_check_webconsole_plugin:-
Apache » Felix Health Check Webconsole Plugin » Version: 0.1.1

cpe:2.3:a:apache:felix_health_check_webconsole_plugin:0.1.1
Apache » Felix Health Check Webconsole Plugin » Version: 2.0.0

cpe:2.3:a:apache:felix_health_check_webconsole_plugin:2.0.0
Apache » Felix Health Check Webconsole Plugin » Version: 2.0.2

cpe:2.3:a:apache:felix_health_check_webconsole_plugin:2.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-38435

Products

Pricing

Contact Us