2 matches found
CVE-2023-6366 WhatsUp Gold Stored Cross-Site Scripting (XSS) via Alert Center
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting XSS vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be...
CVE-2023-6366
Progress WhatsUp Gold pre-2023.1 has a stored XSS in Alert Center (CVE-2023-6366). An attacker can store a payload, and when a user interacts with it, malicious JavaScript runs in the victim’s browser context. Affected product: WhatsUp Gold; vulnerability originates from storing payloads in Alert...