CVE-2023-48256

Medium

The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s…

bosch·CWE-113·Published 2024-01-10

CVSS

6.3

EPSS

0.00

KEV

Exploits

cve.orgen

180 chars

The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request.

NVDen

180 chars

The vulnerability allows a remote attacker to inject arbitrary HTTP response headers or manipulate HTTP response bodies inside a victim’s session via a crafted URL or HTTP request.

NVDes

223 chars

La vulnerabilidad permite a un atacante remoto inyectar encabezados de respuesta HTTP arbitrarios o manipular cuerpos de respuesta HTTP dentro de la sesión de una víctima a través de una URL manipulada o una solicitud HTTP.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	NVD	6.3	2.8	3.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
3.1	Primary	cve.org	5.3	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L