Security Advisory

CVE-2023-4802

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-13 15:15:06

Last updated 2024-09-24 19:54:46

Assigner Proofpoint

State PUBLISHED

Description

A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Servers web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrators browser. All versions prior to 7.14.3.69 are affected.

← Browse all CVEs View on cve.org ↗