exploitDog

CVE-2023-52326

Опубликовано: 23 янв. 2024

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.

Please note this vulnerability is similar, but not identical to CVE-2023-52327.

Ссылки

https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-24-023/
Third Party Advisory
VDB Entry
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US
Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-24-023/
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:trendmicro:apex_central:2019:-:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00582

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-r7mg-69gq-5g8v

CVSS3: 6.1

github

около 2 лет назад

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52327.

EPSS

Процентиль: 68%

0.00582

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79