{"id":"CVE-2023-46492","details":"Cross Site Scripting vulnerability in MLDB.ai v.2017.04.17.0 allows a remote attacker to execute arbitrary code via a crafted payload to the public_html/doc/index.html.","modified":"2026-05-28T04:09:44.046497548Z","published":"2023-11-09T00:00:00Z","database_specific":{"cna_assigner":"mitre","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/46xxx/CVE-2023-46492.json"},"references":[{"type":"WEB","url":"https://gist.github.com/cd80/a75b618419d5afb137cd5a29e8156420"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/46xxx/CVE-2023-46492.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-46492"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mldbai/mldb","events":[{"introduced":"0"},{"last_affected":"9c652e21b0815de732214f10854160de9e8b4eb8"}],"database_specific":{"cpe":"cpe:2.3:a:mldb:machine_learning_database:2017.04.17.0:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"last_affected":"2017.04.17.0"}],"source":"CPE_STRING"}}],"versions":["v2017.04.17.0","v2016.12.16.0","v2016.08.04.0","v2016.07.12.0","v2016.06.28.1","v2016.06.28.0","v2016.06.08.0","v2016.06.02.0","v2016.04.25.0","v2016.04.04.0","v2016.03.22.0","v2016.03.10.0","v2016.03.09.0","v2016.02.19.0","v2016.02.11.0","v2016.02.01.0","v2016.01.26.0","v2016.01.18.0","v2015.12.18.0","v2015.12.08.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46492.json"}}],"schema_version":"1.7.5"}