2 matches found
CVE-2023-4709
TOTVS RM 12.1 Portal.Login.aspx vulnerable to cross-site scripting via VIEWSTATE manipulation. Impact described as remote exploitation with high attack complexity and low/none exploitation risk in defaults, but configurable environments can still be affected. Affected component: Login.aspx in Por...
CVE-2023-4710
CVE-2023-4710 affects TOTVS RM 12.1, Portal component. The vulnerability stems from manipulation of the d argument, leading to cross-site scripting. The attack is capable of remote execution. Connected documents do not provide patch/version details or explicit remediation. Other references reiter...