Vulnerability Details CVE-2023-4564
This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.4%
CVSS Severity
CVSS v3 Score 4.7
References
- https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/config.js?ref_type=heads#L38
- https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/helpers/html.js?ref_type=heads
- https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis
- https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis