A vulnerability has been identified in which unauthenticated cross-site
scripting (XSS) in Norman's public API endpoint can be exploited. This
can lead to an attacker exploiting the vulnerability to trigger
JavaScript code and execute commands remotely.
Metrics
Affected Vendors & Products
References
History
Wed, 16 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rancher
Rancher norman |
|
CPEs | cpe:2.3:a:rancher:norman:*:*:*:*:*:*:*:* | |
Vendors & Products |
Rancher
Rancher norman |
|
Metrics |
ssvc
|
Wed, 16 Oct 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. | |
Title | Norman API Cross-site Scripting Vulnerability | |
Weaknesses | CWE-80 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: suse
Published: 2024-10-16T12:27:13.591Z
Updated: 2024-10-16T16:23:57.223Z
Reserved: 2023-05-04T08:30:59.322Z
Link: CVE-2023-32193
Vulnrichment
Updated: 2024-10-16T16:23:46.557Z
NVD
Status : Awaiting Analysis
Published: 2024-10-16T13:15:12.540
Modified: 2024-10-16T16:38:14.557
Link: CVE-2023-32193
Redhat
No data.