Unrated severityNVD Advisory· Published Dec 14, 2023· Updated Aug 2, 2024
WhatsUp Gold Stored Cross-Site Scripting (XSS) via Roles
CVE-2023-6367
Description
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles.
If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <2023.1
- Progress Software Corporation/WhatsUp Goldv5Range: 2023.0
Patches
Vulnerability mechanics
References
2- community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-December-2023mitrevendor-advisory
- www.progress.com/network-monitoringmitreproduct
News mentions
0No linked articles in our index yet.