CVE-2023-46854 MEDIUM

CVE-2023-46854

Vendor N/A
Product n/a
Published October 28, 2023
Last update September 9, 2024

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AC:L/AV:N/A:N/C:L/I:L/PR:L/S:C/UI:R

What the vulnerability does

01Description

Proxmox proxmox-widget-toolkit before 4.0.9, as used in multiple Proxmox products, allows XSS via the edit notes feature.

Key dates

02Disclosure timeline

October 28, 2023 CVE published
September 9, 2024 Record updated