Known Vulnerabilities
CVE-2023-38569
Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
UNKNOWN
Published Sep 05, 2023
CVE-2023-36492
Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
UNKNOWN
Published Sep 05, 2023
CVE-2023-39448
Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.
UNKNOWN
Published Sep 05, 2023