CVE-2024-40729
- EPSS 0.28%
- Veröffentlicht 09.07.2024 18:15:11
- Zuletzt bearbeitet 21.11.2024 09:31:30
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/.
CVE-2024-40728
- EPSS 0.22%
- Veröffentlicht 09.07.2024 18:15:11
- Zuletzt bearbeitet 21.11.2024 09:31:30
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/.
CVE-2024-40727
- EPSS 0.41%
- Veröffentlicht 09.07.2024 18:15:11
- Zuletzt bearbeitet 21.11.2024 09:31:30
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/.
CVE-2024-38972
- EPSS 0.31%
- Veröffentlicht 09.07.2024 18:15:10
- Zuletzt bearbeitet 21.11.2024 09:27:01
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/.
CVE-2024-0948
- EPSS 0.13%
- Veröffentlicht 26.01.2024 22:15:11
- Zuletzt bearbeitet 21.11.2024 08:47:50
** DISPUTED ** A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with t...
CVE-2023-36234
- EPSS 0.08%
- Veröffentlicht 20.09.2023 22:15:12
- Zuletzt bearbeitet 21.11.2024 08:09:26
Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function.
CVE-2023-37625
- EPSS 1.63%
- Veröffentlicht 10.08.2023 20:15:10
- Zuletzt bearbeitet 21.11.2024 08:12:02
A stored cross-site scripting (XSS) vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates.
CVE-2023-34565
- EPSS 0.08%
- Veröffentlicht 14.06.2023 21:15:09
- Zuletzt bearbeitet 21.11.2024 08:07:22
Netbox 3.5.1 is vulnerable to Cross Site Scripting (XSS) in the "Create Wireless LAN Groups" function.
CVE-2023-33800
- EPSS 0.14%
- Veröffentlicht 24.05.2023 20:15:11
- Zuletzt bearbeitet 21.11.2024 08:06:01
A stored cross-site scripting (XSS) vulnerability in the Create Regions (/dcim/regions/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2023-33799
- EPSS 0.11%
- Veröffentlicht 24.05.2023 20:15:11
- Zuletzt bearbeitet 21.11.2024 08:06:01
A stored cross-site scripting (XSS) vulnerability in the Create Contacts (/tenancy/contacts/) function of Netbox v3.5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.