admin/cve
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00
Code Issues Packages Projects Releases Wiki Activity
cve/2023/CVE-2023-30962.md

18 lines
1010 B
Markdown
Raw Normal View History

Update Sat May 25 21:48:12 CEST 2024
2024-05-25 21:48:12 +02:00
### [CVE-2023-30962](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30962)
![](https://img.shields.io/static/v1?label=Product&message=com.palantir.acme.cerberus%3Acerberus&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=*%3C%20100.230704.0-27-g031dd58%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=The%20product%20allows%20the%20attacker%20to%20upload%20or%20transfer%20files%20of%20dangerous%20types%20that%20can%20be%20automatically%20processed%20within%20the%20product's%20environment.&color=brighgreen)
### Description
The Gotham Cerberus service was found to have a stored cross-site scripting (XSS) vulnerability that could have allowed an attacker with access to Gotham to launch attacks against other users. This vulnerability is resolved in Cerberus 100.230704.0-27-g031dd58 .
### POC
#### Reference
- https://palantir.safebase.us/?tcuUid=92dd599a-07e2-43a8-956a-9c9566794be0
#### Github
No PoCs found on GitHub currently.
Reference in New Issue Copy Permalink