AI Score
Confidence
High
EPSS
Percentile
17.7%
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component.