CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29714
https://notcve.org/view.php?id=CVE-2023-29714
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via the username, password, and language cookies parameter. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/advisories/cve-2023-29714-dom-based-xss-in-vade-secure-gateway https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2023-29712
https://notcve.org/view.php?id=CVE-2023-29712
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the X-Rewrite-URL parameter. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/2023/05/vade-secure-gateway-multiple-xss-cve-2023-29712-cve-2023-29713-cve-2023-29714 https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-29713
https://notcve.org/view.php?id=CVE-2023-29713
Cross Site Scripting vulnerability found in Vade Secure Gateway allows a remote attacker to execute arbitrary code via a crafted payload to the GET request after the /css/ directory. • https://info.vadesecure.com/hubfs/Ressource%20Marketing%20Website/Datasheet/EN/Vade_Secure_DS_Gateway_EN.pdf https://labs.yarix.com/advisories/cve-2023-29713-reflected-xss-in-vade-secure-gateway https://www.vadesecure.com/en • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •