Lucene search
Poh Jia Hao of STAR LabsZDI-23-723HistoryMay 24, 2023 - 12:00 a.m.
Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability
2023-05-2400:00:00
Poh Jia Hao of STAR Labs
www.zerodayinitiative.com
9
remote code execution
user interaction
arbitrary script injection
application context
0.002 Low
EPSS
Percentile
56.8%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Data Loss Prevention component. The issue results from the lack of proper validation of user-supplied data, which can lead to the injection of an arbitrary script. An attacker can leverage this vulnerability to interact with the application in the context of the target user.
Related
cve
cve
CVE-2023-32531
2023-06-26 22:15:10
CVE-2023-32532
2023-06-26 22:15:10
nvd
nvd
CVE-2023-32531
2023-06-26 22:15:10
CVE-2023-32532
2023-06-26 22:15:10
prion
prion
Cross site scripting
2023-06-26 22:15:00
Cross site scripting
2023-06-26 22:15:00
cvelist
cvelist
CVE-2023-32531
2023-06-26 21:54:44
CVE-2023-32532
2023-06-26 21:54:53