admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-07 21:46:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2023/CVE-2023-481xx/CVE-2023-48114.json

24 lines
873 B
JSON
Raw Normal View History

Auto-Update: 2023-12-21T17:00:24.950171+00:00
2023-12-21 17:00:28 +00:00
{
"id": "CVE-2023-48114",
"sourceIdentifier": "cve@mitre.org",
"published": "2023-12-21T15:15:09.587",
Auto-Update: 2023-12-21T19:00:24.531153+00:00
2023-12-21 19:00:28 +00:00
"lastModified": "2023-12-21T18:15:38.237",
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2023-12-21T17:00:24.950171+00:00
2023-12-21 17:00:28 +00:00
"descriptions": [
{
"lang": "en",
"value": "SmarterTools SmarterMail 8495 through 8664 before 8747 allows stored XSS by using image/svg+xml and an uploaded SVG document. This occurs because the application tries to allow youtube.com URLs, but actually allows youtube.com followed by an @ character and an attacker-controlled domain name."
}
],
"metrics": {},
"references": [
{
"url": "https://co3us.gitbook.io/write-ups/stored-xss-in-email-body-of-smartermail-cve-2023-48114",
"source": "cve@mitre.org"
},
{
"url": "https://www.smartertools.com/smartermail/release-notes/current",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue Copy Permalink