CVE-2023-51946
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
19/01/2024
Last modified:
20/06/2025
Description
Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:actidata:actinas_sl_2u-8_rdx_firmware:3.2.03:sp1:*:*:*:*:*:* | ||
| cpe:2.3:h:actidata:actinas_sl_2u-8_rdx:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://actidata.com
- https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md
- https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx
- http://actidata.com
- https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md
- https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx