CVE-2023-45281: XSS
First published: Thu Oct 19 2023(Updated: )
An issue in Yamcs 5.8.6 allows attackers to obtain the session cookie via upload of crafted HTML file.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Spaceapplications Yacms | =5.8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the Yamcs vulnerability?
The vulnerability ID for the Yamcs vulnerability is CVE-2023-45281.
What is the severity of the Yamcs vulnerability?
The severity of the Yamcs vulnerability is medium (6.1).
How can attackers exploit the Yamcs vulnerability?
Attackers can exploit the Yamcs vulnerability by uploading a crafted HTML file to obtain the session cookie.
Which version of Yamcs is affected by this vulnerability?
Yamcs version 5.8.6 is affected by this vulnerability.
Is there a fix available for the Yamcs vulnerability?
No specific fix information is provided.
- collector/nvd-index
- agent/weakness
- agent/author
- agent/severity
- agent/type
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/references
- agent/description
- vendor/spaceapplications
- canonical/spaceapplications yacms
- version/spaceapplications yacms/5.8.6