Vulnerabilities (CVE)

Filtered by vendor Progress Subscribe
Filtered by product Whatsup Gold
Total 44 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6366 1 Progress 1 Whatsup Gold 2024-02-28 N/A 5.4 MEDIUM
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center.   If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
CVE-2023-6365 1 Progress 1 Whatsup Gold 2024-02-28 N/A 5.4 MEDIUM
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group.   If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser.
CVE-2023-35759 1 Progress 1 Whatsup Gold 2024-02-28 N/A 6.1 MEDIUM
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
CVE-2022-42711 1 Progress 1 Whatsup Gold 2024-02-28 N/A 9.6 CRITICAL
In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser.