Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)

Author: Andreas Finstad
type: webapps
platform: multiple
port: 
date_added: 2023-04-05 
date_updated: 2023-04-05 
verified: 0 
codes: CVE-2023-23286 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Exploit Title: Provide Server v.14.4 XSS - CSRF & Remote Code Execution (RCE)
# Date: 2023-02-10
# Exploit Author: Andreas Finstad
# Version: < 14.4.1.29
# Tested on: Windows Server 2022
# CVE : CVE-2023-23286
POC:

https://f20.be/blog/provide-server-14-4