Vulnerabilities > Spaceapplications > Yacms > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-46470 Cross-site Scripting vulnerability in Spaceapplications Yacms 5.8.6
Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser.
network
low complexity
spaceapplications CWE-79
5.4
5.4
2023-11-20 CVE-2023-46471 Cross-site Scripting vulnerability in Spaceapplications Yacms 5.8.6
Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via the text variable scriptContainer of the ScriptViewer.
network
low complexity
spaceapplications CWE-79
5.4
5.4
2023-11-20 CVE-2023-47311 Improper Restriction of Rendered UI Layers or Frames vulnerability in Spaceapplications Yacms 5.8.6
An issue in Yamcs 5.8.6 allows attackers to send aribitrary telelcommands in a Command Stack via Clickjacking.
network
low complexity
spaceapplications CWE-1021
6.1
6.1