Published: 31/05/2023 Updated: 08/06/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote malicious user to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.

Vulnerable Product	Search on Vulmon	Subscribe to Product
escanav escan management console 14.0.1400.2281

eScan Management Console 14014002281 - Reflected Cross Site Scripting Description: Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14014002281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval Vulnerable Product Version: 14014002281 Date: 30/05/20

CWE-79 https://github.com/sahiloj/CVE-2023-33733/blob/main/CVE-2023-33733.md https://nvd.nist.gov https://github.com/sahiloj/CVE-2023-33733

CVE-2023-33732

Vulnerability Summary

Github Repositories

References

Vulmon Search

About

Products

Connect