CVE-2023-6367

🗓️ 14 Dec 2023 16:05:50Reported by ProgressSoftwareType

WhatsUp Gold pre-2023.1 version XSS vulnerabilit

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2023-6367	11 Jan 202409:26	–	circl
CNNVD	Progress Software WhatsUp Gold Cross-Site Scripting Vulnerability	14 Dec 202300:00	–	cnnvd
Cvelist	CVE-2023-6367 WhatsUp Gold Stored Cross-Site Scripting (XSS) via Roles	14 Dec 202316:05	–	cvelist
EUVD	EUVD-2023-58608	3 Oct 202520:07	–	euvd
NVD	CVE-2023-6367	14 Dec 202316:15	–	nvd
Prion	Cross site scripting	14 Dec 202316:15	–	prion
Tenable Nessus	Progress WhatsUp Gold < 23.1 Multiple Vulnerabilities	22 Dec 202300:00	–	nessus
RedhatCVE	CVE-2023-6367	23 May 202502:07	–	redhatcve

NVD

Node

progress whatsup_goldRange<23.1.0

[
  {
    "defaultStatus": "affected",
    "modules": [
      "Roles"
    ],
    "product": "WhatsUp Gold",
    "vendor": "Progress Software Corporation",
    "versions": [
      {
        "lessThan": "2023.1",
        "status": "affected",
        "version": "2023.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "2022.1",
        "status": "affected",
        "version": "2022.0",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
progress	www.progress.com/network-monitoring
community	www.community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-December-2023

21 Nov 2024 08:43Current

5.6Medium risk

Vulners AI Score5.6

CVSS 3.15.4 - 7.6

EPSS0.00028

CWE-79