The vulnerability in the modDLPTemplateMatch_drildown.php script of the monitoring and security management tool Trend Micro Apex Central allows an attacker to execute XSS attacks.

🗓️ 19 Feb 2024 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

XSS vulnerability in modDLPTemplateMatch_drildown.php in Trend Micro Apex Central enables execution.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2023-52329	12 Feb 202418:16	–	circl
CNNVD	Trend Micro Apex Central Security Vulnerability	23 Jan 202400:00	–	cnnvd
CVE	CVE-2023-52328	23 Jan 202420:42	–	cve
CVE	CVE-2023-52329	23 Jan 202420:42	–	cve
Cvelist	CVE-2023-52329	23 Jan 202420:42	–	cvelist
NVD	CVE-2023-52329	23 Jan 202421:15	–	nvd
OSV	CVE-2023-52329	23 Jan 202421:15	–	osv
Prion	Cross site scripting	23 Jan 202421:15	–	prion
Prion	Cross site scripting	23 Jan 202421:15	–	prion
Positive Technologies	PT-2024-1670 · Trend Micro · Trend Micro Apex Central	9 Jan 202400:00	–	ptsecurity

Source	Link
success	www.success.trendmicro.com/dcx/s/solution/000296153
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-074/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2024010991
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-24-074/

19 Feb 2024 00:00Current

6.3Medium risk

Vulners AI Score6.3

CVSS 36.1

CVSS 26.4

EPSS0.0061

cross site scripting drildown module trend micro apex central remote exploitation