Unrated severityNVD Advisory· Published Nov 7, 2023· Updated Sep 17, 2024
Log Injection
CVE-2023-6002
Description
YugabyteDB is vulnerable to cross site scripting (XSS) via log injection. Writing invalidated user input to log files can allow an unprivileged attacker to forge log entries or inject malicious content into the logs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 2.0.0.0
Patches
Vulnerability mechanics
References
1- www.yugabyte.commitre
News mentions
0No linked articles in our index yet.