CVE-2023-4093

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user.
Configurations

Configuration 1 (hide)

cpe:2.3:a:fujitsu:arconte_aurea:1.5.0.0:*:*:*:*:*:*:*

History

21 Sep 2023, 13:16

Type Values Removed Values Added
CWE CWE-79
First Time Fujitsu arconte Aurea
Fujitsu
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1
CPE cpe:2.3:a:fujitsu:arconte_aurea:1.5.0.0:*:*:*:*:*:*:*
References (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea - (MISC) https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea - Third Party Advisory

19 Sep 2023, 14:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-19 14:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-4093

Mitre link : CVE-2023-4093

CVE.ORG link : CVE-2023-4093


JSON object : View

Products Affected

fujitsu

  • arconte_aurea
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')