Show filters
40 Total Results
Displaying 11-20 of 40
Sort by:
Attacker Value
Unknown
CVE-2024-40732
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/add/.
0
Attacker Value
Unknown
CVE-2024-40731
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/rear-ports/{id}/edit/.
0
Attacker Value
Unknown
CVE-2024-40730
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/{id}/edit/.
0
Attacker Value
Unknown
CVE-2024-40729
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/interfaces/add/.
0
Attacker Value
Unknown
CVE-2024-40728
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/{id}/edit/.
0
Attacker Value
Unknown
CVE-2024-40727
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/console-server-ports/add/.
0
Attacker Value
Unknown
CVE-2024-40726
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/{id}/edit/.
0
Attacker Value
Unknown
CVE-2024-38972
Disclosure Date: July 09, 2024 (last updated July 11, 2024)
A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-ports/add/.
0
Attacker Value
Unknown
CVE-2024-0948
Disclosure Date: January 26, 2024 (last updated April 16, 2024)
** DISPUTED ** ** DISPUTED ** A vulnerability, which was classified as problematic, has been found in NetBox up to 3.7.0. This issue affects some unknown processing of the file /core/config-revisions of the component Home Page Configuration. The manipulation with the input <<h1 onload=alert(1)>>test</h1> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The associated identifier of this vulnerability is VDB-252191. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
0
Attacker Value
Unknown
CVE-2023-36234
Disclosure Date: September 20, 2023 (last updated February 25, 2025)
Cross Site Scripting (XSS) vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function.
0
