CVE-2023-34796: Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f,...

0.0 CVSS

Description

Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f, allows unauthenticated attackers to execute arbitrary code via the org_name or domain values.

Classification

CVE ID: CVE-2023-34796

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.2% (probability of being exploited)

EPSS Percentile: 58.32% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://xmit.xyz/security/dmarcd-for-death/
https://github.com/techsneeze/dmarcts-report-viewer/pull/88

Timeline

2024-12-05 00:32:04 UTC
CVE

Cross site scripting (XSS) vulnerabiliy in dmarcts-report-viewer dashboard versions 1.1 and thru commit 8a1d882b4c481a05e296e9b38a7961e912146a0f,...