Podatność CVE-2023-35759
Publikacja: 2023-06-23

Opis:
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Low
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
Andreas Finstad
06.02.2024
Low
WhatsUp Gold 2022 (22.1.0 Build 39) XSS
Andreas Finstad
06.02.2024

Typ:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 Referencje:
https://community.progress.com/s/article/Product-Alert-Bulletin-June-2023
Copyright 2024, cxsecurity.com

 

Back to Top