Description
A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.
Remediation
References
https://github.com/alibaba/nacos/issues/7359
Related Vulnerabilities
CVE-2023-34981 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2020-8192 Vulnerability in npm package fastify
CVE-2022-23708 Vulnerability in maven package org.elasticsearch:elasticsearch
CVE-2018-3738 Vulnerability in npm package protobufjs
CVE-2023-24163 Vulnerability in maven package cn.hutool:hutool-all