Security Advisory

CVE-2023-40461

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-04 22:52:13

Last updated 2026-02-25 17:20:06

Assigner SWI

State PUBLISHED

Description

The ACEManager component of ALEOS 4.16 and earlier allows an authenticated user with Administrator privileges to access a file upload field which does not fully validate the file name, creating a Stored Cross-Site Scripting condition.

← Browse all CVEs View on cve.org ↗