2023-10-29 09:06:41 +00:00
{
"id" : "CVE-2023-46854" ,
"sourceIdentifier" : "cve@mitre.org" ,
"published" : "2023-10-28T22:15:08.467" ,
2023-11-07 21:03:21 +00:00
"lastModified" : "2023-11-07T04:21:59.330" ,
"vulnStatus" : "Undergoing Analysis" ,
2023-10-29 09:06:41 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Proxmox proxmox-widget-toolkit before 4.0.9, as used in multiple Proxmox products, allows XSS via the edit notes feature."
2023-11-07 21:03:21 +00:00
} ,
{
"lang" : "es" ,
"value" : "Proxmox proxmox-widget-toolkit anterior a 4.0.9, como se usa en m\u00faltiples productos Proxmox, permite XSS a trav\u00e9s de la funci\u00f3n de edici\u00f3n de notas."
2023-10-29 09:06:41 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
2023-11-07 21:03:21 +00:00
"source" : "8254265b-2729-46b6-b9e3-3dfca2d5bfca" ,
2023-10-29 09:06:41 +00:00
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "LOW" ,
"userInteraction" : "REQUIRED" ,
"scope" : "CHANGED" ,
"confidentialityImpact" : "LOW" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.4 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 2.3 ,
"impactScore" : 2.7
}
]
} ,
"references" : [
{
2023-11-07 21:03:21 +00:00
"url" : "https://git.proxmox.com/?p=proxmox-widget-toolkit.git%3Ba=commit%3Bh=1326f771b959e576d140da2249c8b5424da6c80d" ,
2023-10-29 09:06:41 +00:00
"source" : "cve@mitre.org"
} ,
{
2023-11-07 21:03:21 +00:00
"url" : "https://git.proxmox.com/?p=proxmox-widget-toolkit.git%3Ba=commit%3Bh=89699c6466cfd9cc3a81fbc926b62f122c33c23c" ,
2023-10-29 09:06:41 +00:00
"source" : "cve@mitre.org"
} ,
{
"url" : "https://pve.proxmox.com/wiki/Package_Repositories#sysadmin_test_repo" ,
"source" : "cve@mitre.org"
}
]
}
