Yugabyte - Yugabytedb CVE

Filtered by vendor Yugabyte Subscribe

Filtered by product Yugabytedb

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-6002	1 Yugabyte	1 Yugabytedb	2023-11-15	N/A	6.1 MEDIUM
YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs.

Vulnerabilities (CVE)