CVE-2023-4951 | Cross Site Scripting (XSS) Issue on "Client Based Authentication Policy Configuration" Screen
A cross site scripting issue was discovered with the pagination function on the "Client-based Authentication Policy Configuration" screen of the GreenRADIUS web admin interface. This issue is found in GreenRADIUS v5.1.1.1 and prior. A fix was included in v5.1.2.2.
Conclusion & alert: CVE-2023-4951 is rated Low Risk (25.6/100): CVSS Low severity, with medium exploitation likelihood (EPSS 0.27%).Mandatory action: Monitor for updates and reassess as exploit intelligence or EPSS changes.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2023-4951
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).