Security Advisory

CVE-2023-38582

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-18 20:04:48
Last updated 2025-06-18 14:29:30
Assigner icscert
State PUBLISHED

Description

Persistent cross-site scripting (XSS) in the web application of MOD3GP-SY-120K allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the field MAIL_RCV. When a legitimate user attempts to access to the vulnerable page of the web application, the XSS payload will be executed.