← back
CVE-2023-4564

Multiple vulnerabilities in Canopsis of Capensis

CVSS 4.7 MEDIUMEPSS 0.4%CWE-79
This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
Affected products
Capensis · Canopsis

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/config.js?ref_type=heads#L38https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/helpers/html.js?ref_type=headshttps://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis