CVE-2023-25551
CVSS V2 None
CVSS V3 None
Description
A CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site
Scripting') vulnerability exists on a DCE file upload endpoint when tampering with parameters
over HTTP.
Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)
Overview
- CVE ID
- CVE-2023-25551
- Assigner
- cybersecurity@se.com
- Vulnerability Status
- Undergoing Analysis
- Published Version
- 2023-04-18T21:15:08
- Last Modified Date
- 2023-04-18T21:25:05
Weakness Enumerations
References
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-25551 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25551 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-04-19 00:00:47 | Added to TrackCVE | |||
2023-04-19 00:00:49 | Weakness Enumeration | new | ||
2023-04-24 13:01:42 | Awaiting Analysis | Undergoing Analysis | Vulnerability Status | updated |