View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 2111 | RackTables | default | public | 2026-04-13 13:21 | 2026-04-13 13:21 |
| Reporter | ntavares | Assigned To | |||
| Priority | normal | Severity | major | Reproducibility | always |
| Status | new | Resolution | open | ||
| Product Version | 0.22.0 | ||||
| Summary | 2111: Regarding CVE-2023-49453 | ||||
| Description | Ref: https://nvd.nist.gov/vuln/detail/CVE-2023-49453 Published: November 11, 2023 Claim: A Cross-Site Scripting (XSS) vulnerability in Racktables, located in the 'search' component at '/index.php?page=search', allows attackers to capture a victim's cookies through reflected Cross-Site scripting method. Strange that there is no record of this in this bugtracker, being 2,5y old and for a seemingly simple fix. | ||||
| Steps To Reproduce | Verified with search string: `<script>alert(1)</script>` | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2026-04-13 13:21 | ntavares | New Issue | |