CVE-2023-43509

MEDIUM Year: 2023
CVSS v3 Score
5.8
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

A vulnerability in the web-based management interface of ClearPass Policy Manager could allow an unauthenticated remote attacker to send notifications to computers that are running ClearPass OnGuard. These notifications can then be used to phish users or trick them into downloading malicious software.

Related Vulnerabilities

CVE-2019-11507

MEDIUM
CVSS:5.8(Medium)

In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on the Application Launcher page.

CWE-792019

CVE-2020-9405

MEDIUM
CVSS:5.8(Medium)

IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.

CWE-792020

CVE-2022-3211

MEDIUM
CVSS:5.8(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6.

CWE-792022

CVE-2023-0337

MEDIUM
CVSS:5.8(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.

CWE-792023

CVE-2023-0338

MEDIUM
CVSS:5.8(Medium)

Cross-site Scripting (XSS) - Reflected in GitHub repository lirantal/daloradius prior to master-branch.

CWE-792023

CVE-2023-2021

MEDIUM
CVSS:5.8(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.3.

CWE-792023