{"schema_version": "1.6.1", "id": "CVE-2023-38435", "summary": "XSS in healthcheck webconsole plugin", "details": "\nAn improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in Apache Felix Healthcheck Webconsole Plugin version 2.0.2 and prior may allow an attacker to perform a reflected cross-site scripting (XSS) attack.\n\nUpgrade to Apache Felix Healthcheck Webconsole Plugin 2.1.0 or higher.", "affected": [{"ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}, {"last_affected": "0"}]}]}], "references": [{"type": "WEB", "url": "https://lists.apache.org/thread/r3blhp3onr4rdbkgdyglqnccg0v79pfv"}]}