CVE-2023-40288Cross-site Scripting in X11sae-f Firmware

CWE-79Cross-site Scripting3 documents3 sources
Severity
8.3HIGHNVD
EPSS
0.7%
top 27.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Supermicro X11sae-f FirmwareSupermicro X11sse-f FirmwareSupermicro X11ssm-f Firmware
Timeline
PublishedMar 27

Description

An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 1.66 devices. An attacker could exploit an XSS issue.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 1.6 | Impact: 6.0

Affected Packages3 packages

🔴Vulnerability Details

2
GHSA
GHSA-45f8-rqfm-rh3c: An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 12024-03-27
CVEList
CVE-2023-40288: An issue was discovered on Supermicro X11SSM-F, X11SAE-F, and X11SSE-F 12024-03-27
CVE-2023-40288 — Cross-site Scripting | cvebase