API security news
Main / CVE-2023-22425
CVE-2023-22425
Discription

Stored cross-site scripting vulnerability in Schedule function of SHIRASAGI v1.16.2 and earlier versions allows a remote authenticated attacker to inject an arbitrary script.Read More

References

https://www.ss-proj.org/support/938.htmlhttps://www.ss-proj.org/https://github.com/shirasagi/shirasagihttps://jvn.jp/en/jp/JVN18765463/

Back to Main
Share

Twitter

Facebook
Subscribe for the latest news:

    • ID: CVE-2023-22425
    • Type: cve
    • Reporter: vultures@jpcert.or.jp
    • Modified: 2023-02-24 06:15:00

    Categories

    • API Security
    • API
    • Bugbounty
    • CVE
    • GraphQL
    • gRPC
    • JSON-RPC
    • JSON Web Token
    • OAuth
    • SOAP
    • WebSocket
    • With threat indicators
    • WSDL
    • XML-RPC

    Gold sponsor:

    Wallarm logo
    Become a sponsor API-security.blog