Vector Strings

Severity Score: 6.1
Severity: MEDIUM
Exploitability Score: 2.8
Impact Score: 2.7

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): NONE
Confidentiality (C): LOW
Integrity (I): LOW
Availability (A): NONE

Published Date: 2023-03-05
Last Modified: 2023-03-13

CVE-2023-27641

About:
The REPORT (after z but before a) parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL.

References

https://github.com/hosakauk/exploits/blob/master/listserv_report_xss.MD

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo