{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23075", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T14:26:03.000Z", "dateReserved": "2023-01-11T00:00:00.000Z", "datePublished": "2023-02-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-01T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:28:40.822Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-03-27T14:25:22.948985Z", "id": "CVE-2023-23075", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T14:26:03.000Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-23075", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T14:26:03.000Z", "dateReserved": "2023-01-11T00:00:00.000Z", "datePublished": "2023-02-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-02-01T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:28:40.822Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-23075", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-03-27T14:25:22.948985Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T14:25:57.772Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:-:*:*:*:*:*:*", "matchCriteriaId": "258BF334-DE00-472D-BD94-C0DF8CDAF53C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6900:*:*:*:*:*:*", "matchCriteriaId": "7D0754D0-5B28-4851-89A2-DC5B20CFF3E8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6901:*:*:*:*:*:*", "matchCriteriaId": "6E0CAA5B-16A1-4637-B90A-BFAF7381CCD9", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6902:*:*:*:*:*:*", "matchCriteriaId": "48A960D7-7AB2-43F4-99FC-5B1FE69BFDB6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6903:*:*:*:*:*:*", "matchCriteriaId": "B293513C-9ECB-4512-B1B8-A470C6115458", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6904:*:*:*:*:*:*", "matchCriteriaId": "5D9B89EB-C51F-4A70-A6DF-1BD326308DA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6905:*:*:*:*:*:*", "matchCriteriaId": "9B708143-01B3-45D0-A769-E1D8E99237B5", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6906:*:*:*:*:*:*", "matchCriteriaId": "F1837C80-7D1F-4AF5-BF4B-932DF03D6A30", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6907:*:*:*:*:*:*", "matchCriteriaId": "4E528B83-1539-4516-9ACF-A05E853014DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6908:*:*:*:*:*:*", "matchCriteriaId": "CBFB65BC-5B94-4075-BBB1-4CD8B5B216C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6909:*:*:*:*:*:*", "matchCriteriaId": "7FAF3DFA-78FB-417C-808A-507F66889913", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6950:*:*:*:*:*:*", "matchCriteriaId": "E9506197-CDDA-451B-9FE3-72B3C3BA19EF", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6951:*:*:*:*:*:*", "matchCriteriaId": "691DF8EC-6A7A-4449-8A4C-79F76726D685", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6952:*:*:*:*:*:*", "matchCriteriaId": "0B3E2B0A-EB1E-45C3-BC2C-9E32268A0867", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6953:*:*:*:*:*:*", "matchCriteriaId": "E1BD2753-52B8-4EB0-8332-C67935FB8B47", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6954:*:*:*:*:*:*", "matchCriteriaId": "E8BD08BF-4E5D-4DE4-A499-B0296C126599", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6955:*:*:*:*:*:*", "matchCriteriaId": "F13CB227-496C-4777-BE76-27AFF5ED15C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6956:*:*:*:*:*:*", "matchCriteriaId": "2AB1DF8F-3385-40C6-92C5-10724F8A6911", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6957:*:*:*:*:*:*", "matchCriteriaId": "C1997DE8-8CFA-4882-9107-741B88339A67", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6970:*:*:*:*:*:*", "matchCriteriaId": "148F6458-136D-4612-9619-F51AEEC11AA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6971:*:*:*:*:*:*", "matchCriteriaId": "8B189696-D6BC-475B-90CA-AF122224FEAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6972:*:*:*:*:*:*", "matchCriteriaId": "477C97EC-A497-4C7C-973B-2C057A9242AD", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6973:*:*:*:*:*:*", "matchCriteriaId": "284F5D9D-F23F-4936-B461-10701CC3AB7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6974:*:*:*:*:*:*", "matchCriteriaId": "74CE0145-F165-4FB4-A819-01B30641196A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6975:*:*:*:*:*:*", "matchCriteriaId": "CA291C44-616B-45D9-9709-61CD33E8B135", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6976:*:*:*:*:*:*", "matchCriteriaId": "C1C7492E-5D5B-419D-9749-7CC6EE5BC0FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6977:*:*:*:*:*:*", "matchCriteriaId": "DCF1B243-DA58-42CD-9DF4-6D4A010796D8", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6978:*:*:*:*:*:*", "matchCriteriaId": "2B73FD0F-6B48-406E-AB29-606CC07C81C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6979:*:*:*:*:*:*", "matchCriteriaId": "CED2C49D-DB96-4495-BD6F-460871D94EDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6980:*:*:*:*:*:*", "matchCriteriaId": "C9AAC638-1379-4F87-9BA3-07CE16CAB98A", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6981:*:*:*:*:*:*", "matchCriteriaId": "B3470B5B-B8BC-41B9-8CA5-5E7A0EB9934F", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6982:*:*:*:*:*:*", "matchCriteriaId": "3A2D9355-B1D5-4B14-8900-42E7C8DC5E4E", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6983:*:*:*:*:*:*", "matchCriteriaId": "03A34ED3-EC89-4BE3-8A99-A5727A154672", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6984:*:*:*:*:*:*", "matchCriteriaId": "4E84EF2B-37A5-4499-8C16-877E8AB8A731", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6985:*:*:*:*:*:*", "matchCriteriaId": "1FDA22C3-8F1E-45C9-BC8D-C3A49EFA348C", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6986:*:*:*:*:*:*", "matchCriteriaId": "DDA5504A-8BD9-4C0D-AD5A-4CB188A99563", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6987:*:*:*:*:*:*", "matchCriteriaId": "2E4E1A50-A366-4D5E-9DDB-B33D1D1770E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:zohocorp:manageengine_assetexplorer:6.9:6988:*:*:*:*:*:*", "matchCriteriaId": "356CA7C7-993F-4D5D-9FAB-9E5475878D53", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation."}], "id": "CVE-2023-23075", "lastModified": "2025-03-27T15:15:43.447", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-02-01T20:15:11.707", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable", "Vendor Advisory"], "url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable", "Vendor Advisory"], "url": "https://bugbounty.zohocorp.com/bb/#/bug/101000006463045?tab=originator"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{}