Total
44 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-6366 | 1 Progress | 1 Whatsup Gold | 2024-02-28 | N/A | 5.4 MEDIUM |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. | |||||
CVE-2023-6365 | 1 Progress | 1 Whatsup Gold | 2024-02-28 | N/A | 5.4 MEDIUM |
In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. | |||||
CVE-2023-35759 | 1 Progress | 1 Whatsup Gold | 2024-02-28 | N/A | 6.1 MEDIUM |
In Progress WhatsUp Gold before 23.0.0, an SNMP-related application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. | |||||
CVE-2022-42711 | 1 Progress | 1 Whatsup Gold | 2024-02-28 | N/A | 9.6 CRITICAL |
In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser. |