CVE-2023-3196
- Source
- https://cve.org/CVERecord?id=CVE-2023-3196
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-3196.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-3196
- Published
- 2023-10-03T16:15:10.077Z
- Modified
- 2026-04-02T09:04:06.595707Z
- Severity
-
- 4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel.
- References
-
- https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/helpers/html.js?ref_type=heads
- https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/config.js?ref_type=heads#L38
- https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis
Affected packages
Git / github.com/capensis/canopsis
Affected versions
22.*
22.10-preview99
22.10-rc1
22.10-rc10
22.10-rc11
22.10-rc12
22.10-rc2
22.10-rc3
22.10-rc4
22.10-rc5
22.10-rc6
22.10-rc7
22.10-rc8
22.10-rc9
22.10.0
22.10.1
22.10.10
22.10.11
22.10.12
22.10.13
22.10.2
22.10.3
22.10.4
22.10.5
22.10.6
22.10.7
22.10.8
22.10.9
23.*
23.04-alpha1
23.04-alpha2
23.04-alpha3
23.10-2-preview99
4.*
4.2.94
4.2.95
4.2.96
4.2.97
4.2.991
4.2.992
4.2.993
4.2.994
4.2.995
4.2.996
4.2.997
4.2.998
4.3.0
4.3.1
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.8
4.3.9
4.3.91
4.3.92
4.3.93
4.3.94
4.3.95
4.3.96
4.3.97
4.3.98
4.3.991
4.3.992
4.3.993
4.3.994
4.3.995
4.3.996
4.3.997
4.3.998
4.4.0
4.4.1
4.4.91
4.4.991
4.4.992
4.4.993
4.4.994
4.4.995
4.4.996
4.4.997
4.4.998
4.5.0
4.5.1
4.5.10
4.5.11
4.5.12
4.5.13
4.5.14
4.5.15
4.5.2
4.5.3
4.5.4
4.5.5
4.5.6
4.5.7
4.5.8
4.5.9
4.5.91
4.5.92
4.5.93
4.5.94
4.5.991
4.5.992
4.5.993
4.6.0
4.6.1
4.6.2
4.6.3
Other
clean_gitlab_ci
trivy