CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-46964

Cross Site Scripting (XSS) vulnerability in Hillstone Next Generation FireWall SG-6000-e3960 v.5.5 allows a remote attacker to execute arbitrary code via the use front-end filtering instead of back-end filtering.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.7%

CVSS Severity

CVSS v3 Score 6.1

References

https://foremost-smash-52a.notion.site/Hillstone-Next-Generation-FireWall-XSS-CVE-2023-46964-6cf1fe91e7ed4795adb1d89d75030d16
https://foremost-smash-52a.notion.site/Hillstone-Next-Generation-FireWall-XSS-CVE-2023-46964-6cf1fe91e7ed4795adb1d89d75030d16

Products affected by CVE-2023-46964

Hillstonenet » Sc-6000-E3960 » Version: N/A

cpe:2.3:h:hillstonenet:sc-6000-e3960:-
Hillstonenet » Sc-6000-E3960 Firmware » Version: 5.5

cpe:2.3:o:hillstonenet:sc-6000-e3960_firmware:5.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-46964

Products

Pricing

Contact Us