CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

CVE-2023-6905

CVE-2023-6903

CVE-2023-6904

CVE-2023-3907

ZEROF Web Server 2.0 allows /admin.back XSS.

Permalink

![@iglan](https://avatars.githubusercontent.com/u/99967434?s=48&v=4)

**1** contributor

**Users who have contributed to this file**

**CVE-2022-25323****Suggested description**

ZEROF Web Server allows /admin.back XSS.

**Vulnerability Type**

Cross Site Scripting (XSS)

**Vendor of Product**

ZEROF

**Affected Product Code Base**

Web Server

**Affected Component**

/admin.back

**Attack Type**

Remote

**Impact Code execution**

true

**Attack Vectors**

Remote `https:/zerof/admin.back<img src=a onerror=alert(1)>`

**Discoverer**

Igor Landyrev, AWILLIX LLC

**Reference**

https://awillix.ru

Headline

CVE-2022-25323: research/CVE-2022-25323.md at main · awillix/research

CVE: Latest News