Skip to main content

Cozy

1 CVEs product

Monthly

CVE-2018-6824 MEDIUM POC This Month

Cozy version 2 has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cozy
NVD
CVSS 3.0
6.1
EPSS
0.8%
EPSS 1% CVSS 6.1
MEDIUM POC This Month

Cozy version 2 has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cozy
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy