{"id":"CVE-2023-4564","details":"This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel.","modified":"2026-04-10T05:03:32.602261Z","published":"2023-10-03T16:15:10.227Z","references":[{"type":"WEB","url":"https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/config.js?ref_type=heads#L38"},{"type":"WEB","url":"https://git.canopsis.net/canopsis/canopsis-community/-/blob/develop/community/sources/webcore/src/canopsis-next/src/helpers/html.js?ref_type=heads"},{"type":"ADVISORY","url":"https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/capensis/canopsis","events":[{"introduced":"0"},{"last_affected":"f8b90582483630f39274cfc2cb16452b729d9dd3"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"23.04-alpha3"}]}}],"versions":["23.04-alpha1","23.04-alpha2","23.04-alpha3","4.2.94","4.2.95","4.2.96","4.2.97","4.3.91","4.3.92","4.3.93","4.3.94","4.3.95","4.3.96","4.3.97","4.3.98","4.4.91","4.5.91","4.5.92","4.5.93","4.5.94"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-4564.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}