1 results (0.004 seconds)

CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0

A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server's public API endpoint can be exploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser Se ha identificado una vulnerabilidad en la que se pueden explotar cross-site scripting (XSS) no autenticadas en el endpoint de la API pública del servidor API, lo que permite a un atacante ejecutar código JavaScript arbitrario en el navegador de la víctima. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32192 https://github.com/rancher/apiserver/security/advisories/GHSA-833m-37f7-jq55 • CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •