CVE-2023-31928
MEDIUMBrocade Fabric OS < 9.2.0 - Unauthenticated Reflected Cross-Site Scripting in Webtools PortSetting.html
Title source: llmDescription
A reflected cross-site scripting (XSS) vulnerability exists in Brocade Webtools PortSetting.html of Brocade Fabric OS version before Brocade Fabric OS v9.2.0 that could allow a remote unauthenticated attacker to execute arbitrary JavaScript code in a target user’s session with the Brocade Webtools application.
References (2)
Core 2
Core References
Third Party Advisory
https://security.netapp.com/advisory/ntap-20230908-0007/
Scores
CVSS v3
6.3
EPSS
0.0015
EPSS Percentile
35.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Details
CWE
CWE-79
Status
published
Products (1)
broadcom/brocade_fabric_operating_system
< 9.2.0
Published
Aug 02, 2023
Tracked Since
Feb 18, 2026