CVE-2023-43763

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux...

The vulnerability of the centralized security management tool for end points, WithSecure Policy Manager, arises due to the lack of measures taken to protect the web page structure. This vulnerability allows attackers to carry out cross-site scripting attacks.

The vulnerability of the centralized security management tool for end points, WithSecure Policy Manager, exists due to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to carry out a cross-site scripting attack...

The vulnerability of the centralized security management tool for end points, WithSecure Policy Manager, arises due to insufficient validation of input data. This allows a perpetrator to execute arbitrary code.

The vulnerability of the centralized security management tool for end points, WithSecure Policy Manager, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2023-43762

Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server backend. This affects WithSecure Policy Manager 15 and Policy Manager Proxy 15...

CVE-2023-43763

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux...

CVE-2023-43763

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux...

Code injection

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux...

CVE-2023-43764

Certain WithSecure products allow Unauthenticated Remote Code Execution via the web server backend, issue 2 of 2. This affects WithSecure Policy Manager 15 on Windows and Linux...

CVE-2023-43763

Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint. This affects WithSecure Policy Manager 15 on Windows and Linux...

PT-2023-28971 · Withsecure · Withsecure Policy Manager Proxy +1

Name of the Vulnerable Software and Affected Versions: WithSecure Policy Manager version 15 WithSecure Policy Manager Proxy version 15 Description: The issue allows Unauthenticated Remote Code Execution via the web server backend. This is a significant problem as it can be exploited without the...

CVE-2022-38162

Reflected cross-site scripting XSS vulnerabilities in WithSecure through 2022-08-10 exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a malicious input...