renamed and updated info

patch-1
Prince Chaddha 2023-11-17 11:55:45 +05:30 committed by GitHub
parent f44655235e
commit 069199322e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 7 deletions

@ -8,6 +8,10 @@ info:
reference:
https://huntr.com/bounties/a3ee0f98-6898-41ae-b1bd-242a03a73d1b/
https://github.com/structurizr/onpremises/commit/6cff4f792b010dfb1ff6a0b4ae1c6e398f8f8a18
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Apply the latest security patches or updates provided by Structurizr to fix the XSS vulnerability.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
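Review bot: the `remediation` text added under `info` is generic ("Apply the latest security patches or updates provided by Structurizr") even though the `reference` list directly above already links the upstream fix commit. Naming the first Structurizr on-premises release that contains that commit would let a reader check whether an instance is patched. Also confirm that `impact:` and `remediation:` are indented as siblings of `reference:` and `classification:` rather than as children of `reference:`, since this view does not show indentation.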
@ -19,11 +23,7 @@ info:
metadata:
vendor: structurizr
product: on-premises_installation
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
remediation: |
Apply the latest security patches or updates provided by Structurizr to fix the XSS vulnerability.
tags: xss,cve,cve2023
tags: cve,cve2023,xss,structurizr
http:
- method: GET
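Review bot: the commit subject "renamed and updated info" does not cover what happens at `metadata` and `tags` here. The `impact` and `remediation` keys are taken out from under `metadata` after `product:`, and the tag list changes from `xss,cve,cve2023` to `cve,cve2023,xss,structurizr`. Mention both in the message, and say what was renamed, since only one changed file is listed and no rename is visible in the diff.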
@ -40,5 +40,3 @@ http:
part: header
words:
- text/html
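Review bot: the header `-40,5 +40,3` records two lines removed after `- text/html`, but their content is not visible in this hunk. Please confirm they were not a matcher or a matcher condition: a `part: header` word match on `text/html` alone would be satisfied by almost any HTML response, so it needs to stay combined with the body check earlier in the template.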