Approved changes feed: RSS · Atom

cpe:2.3:o:gira:gira_home_server_firmware:*:*:*:*:*:*:*:*

part: o version: * update: *

VendorGira (6767f3d1-1d18-5177-aaf5-132cb8fccd43)
ProductGira Home Server Firmware (8435d0b3-9a12-5cf9-bd72-f1e3419c9f7d)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2023-2739 vulnerable 2026-06-08 06:02:42.926196 Gira HomeServer hslist cross site scripting
MEDIUM (4.3)
A vulnerability classified as problematic was found in Gira HomeServer up to 4.12.0.220829 beta. This vulnerability affects unknown code of the file /hslist. The manipulation of the argument lst with the input debug%27"><img%20src=x%20onerror=alert(document.cookie)> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229150 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2023-05-16T15:31:03.717Z
Updated: 2024-08-02T06:33:05.319Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.