scripting (XSS) in Norman's public API endpoint can be exploited. This
can lead to an attacker exploiting the vulnerability to trigger
JavaScript code and execute commands remotely.
Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Sat, 12 Jul 2025 13:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
epss
|
epss
|
Wed, 16 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Rancher
Rancher norman |
|
CPEs | cpe:2.3:a:rancher:norman:*:*:*:*:*:*:*:* | |
Vendors & Products |
Rancher
Rancher norman |
|
Metrics |
ssvc
|
Wed, 16 Oct 2024 12:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in Norman's public API endpoint can be exploited. This can lead to an attacker exploiting the vulnerability to trigger JavaScript code and execute commands remotely. | |
Title | Norman API Cross-site Scripting Vulnerability | |
Weaknesses | CWE-80 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: suse
Published:
Updated: 2024-10-16T16:23:57.223Z
Reserved: 2023-05-04T08:30:59.322Z
Link: CVE-2023-32193

Updated: 2024-10-16T16:23:46.557Z

Status : Awaiting Analysis
Published: 2024-10-16T13:15:12.540
Modified: 2024-10-16T16:38:14.557
Link: CVE-2023-32193

No data.

No data.