nvd-json-data-feeds/CVE-2023/CVE-2023-252xx/CVE-2023-25295.json

{
  "id": "CVE-2023-25295",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-01-17T03:15:07.743",
  "lastModified": "2024-01-17T14:01:41.410",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross Site Scripting (XSS) vulnerability in GRN Software Group eVEWA3 Community version 31 through 53, allows attackers to gain escalated privileges via crafted request to login panel."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de cross site scripting (XSS) en GRN Software Group eVEWA3 Community versi\u00f3n 31 a 53 permite a los atacantes obtener privilegios aumentados a trav\u00e9s de una solicitud manipulada para el panel de inicio de sesi\u00f3n."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "http://evewa3.com",
      "source": "cve@mitre.org"
    },
    {
      "url": "http://grn.com",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://blog.munz4u.de/posts/2023/03/cve-2023-25295-ato-via-rxss-in-evewa3-community/",
      "source": "cve@mitre.org"
    }
  ]
}