CVE-2023-24181: XSS
First published: Mon Apr 10 2023(Updated: )
LuCI openwrt-22.03 branch git-22.361.69894-438c598 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /openvpn/pageswitch.htm.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenWRT LuCI | =22.03.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this LuCI vulnerability?
The vulnerability ID for this LuCI vulnerability is CVE-2023-24181.
What is the severity of CVE-2023-24181?
The severity of CVE-2023-24181 is medium, with a CVSS score of 5.4.
What is the affected software of CVE-2023-24181?
The affected software of CVE-2023-24181 is OpenWRT LuCI version 22.03.3.
What is the CWE ID associated with CVE-2023-24181?
The CWE ID associated with CVE-2023-24181 is CWE-79.
How can I fix the reflected cross-site scripting (XSS) vulnerability in LuCI?
To fix the reflected cross-site scripting (XSS) vulnerability in LuCI, update to the patched version specified in the references.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/references
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/openwrt
- canonical/openwrt luci
- version/openwrt luci/22.03.3