VYPR
Unrated severityNVD Advisory· Published Apr 24, 2023· Updated Feb 4, 2025

CVE-2023-26059

CVE-2023-26059

Description

An issue was discovered in Nokia NetAct before 22 SP1037. On the Site Configuration Tool tab, attackers can upload a ZIP file which, when processed, exploits Stored XSS. The upload option of the Site Configuration tool does not validate the file contents. The application is in a demilitarised zone behind a perimeter firewall and without exposure to the internet. The attack can only be performed by an internal user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Nokia/NetActdescription
  • Nokia/NetActllm-fuzzy
    Range: <22 SP1037

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.