Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.
History

Fri, 27 Sep 2024 22:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: Go

Published: 2023-08-02T19:48:56.676Z

Updated: 2024-09-27T21:57:51.807Z

Reserved: 2023-07-27T17:05:38.856Z

Link: CVE-2023-3978

cve-icon Vulnrichment

Updated: 2024-08-02T07:08:50.711Z

cve-icon NVD

Status : Modified

Published: 2023-08-02T20:15:12.097

Modified: 2024-11-21T08:18:27.680

Link: CVE-2023-3978

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-08-02T00:00:00Z

Links: CVE-2023-3978 - Bugzilla