Vulnerability CVE-2023-35759
Published: 2023-06-23

Description:
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.

See advisories in our WLB2 database:
Topic
Author
Date
Low
WhatsUp Gold 2022 22.1.0 Build 39 Cross Site Scripting
Andreas Finstad
06.02.2024
Low
WhatsUp Gold 2022 (22.1.0 Build 39) XSS
Andreas Finstad
06.02.2024

Type:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://community.progress.com/s/article/Product-Alert-Bulletin-June-2023
Copyright 2024, cxsecurity.com

 

Back to Top