How severe is CVE-2023-28016?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.1 out of 10.

What type of vulnerability is CVE-2023-28016?

This is classified as CWE-74, which is a common weakness in software security.

CVE-2023-28016

MEDIUM Year: 2023

CVSS v3 Score

6.1

Medium

Weakness Type

CWE-74

View all →

Vulnerability Description

Host Header Injection vulnerability in the HCL BigFix OSD Bare Metal Server version 311.12 or lower allows attacker to supply invalid input to cause the OSD Bare Metal Server to perform a redirect to an attacker-controlled domain.

CVE-2014-10386

MEDIUM

CVSS:6.1(Medium)

The wp-live-chat-support plugin before 4.1.0 for WordPress has JavaScript injections.

CWE-742014

CVE-2014-10391

MEDIUM

CVSS:6.1(Medium)

The wp-support-plus-responsive-ticket-system plugin before 4.1 for WordPress has JavaScript injection.

CWE-742014

CVE-2014-10394

MEDIUM

CVSS:6.1(Medium)

The rich-counter plugin before 1.2.0 for WordPress has JavaScript injection via a User-Agent header.

CWE-742014

CVE-2015-3154

MEDIUM

CVSS:6.1(Medium)

CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HT...

CWE-742015

CVE-2015-5462

MEDIUM

CVSS:6.1(Medium)

AxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.

CWE-742015

CVE-2016-5701

MEDIUM

CVSS:6.1(Medium)

setup/frames/index.inc.php in phpMyAdmin 4.0.10.x before 4.0.10.16, 4.4.15.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to conduct BBCode injection attacks against HTTP sessions v...

CWE-742016

CVE-2023-28016

Vulnerability Description

Related Vulnerabilities

CVE-2014-10386

CVE-2014-10391

CVE-2014-10394

CVE-2015-3154

CVE-2015-5462

CVE-2016-5701