{
  "id": "CVE-2023-39000",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-08-09T19:15:14.787",
  "lastModified": "2023-08-09T20:12:10.860",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "A reflected cross-site scripting (XSS) vulnerability in the component /ui/diagnostics/log/core/ of OPNsense before 23.7 allows attackers to inject arbitrary JavaScript via the URL path."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/opnsense/core/commit/d1f350ce70e477adc86d445f5cda9b24f9ff0168",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://logicaltrust.net/blog/2023/08/opnsense.html",
      "source": "cve@mitre.org"
    }
  ]
}