关键漏洞信息 漏洞名称: GIRA HomeServer up to 4.12.0.220829 beta /hslist lst Cross Site Scripting CVE ID: CVE-2023-2739 Vulnerability Type: Cross Site Scripting Description: - A problematic vulnerability has been identified in Gira HomeServer up to 4.12.0.220829 beta, affecting an unknown function of the file . - Manipulating the argument with the input can lead to cross-site scripting. CWE: CWE-79 Impact: - Can lead to cross-site scripting attacks, which may compromise the integrity of the web page served to other users. Published: 05/16/2023 Exploit Status: A proof-of-concept exploit is available. Successful exploitation requires user interaction. Vendor Response: The vendor was contacted but did not respond. Suggested Mitigation: Replace the affected product with an alternative product.