Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)

Author: Andreas Finstad
type: webapps
platform: multiple
port: 
date_added: 2023-04-05  
date_updated: 2023-04-05  
verified: 0  
codes: CVE-2023-23286  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 51264.txt  

# Exploit Title: Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
# Date: 2023-02-10
# Exploit Author: Andreas Finstad
# Version: < 14.4.1.29
# Tested on: Windows Server 2022
# CVE : CVE-2023-23286
POC:

https://f20.be/blog/provide-server-14-4