In Progress Flowmon before 12.2.0, an application endpoint failed to sanitize user-supplied input. A threat actor could leverage a reflected XSS vulnerability to execute arbitrary code within the context of a Flowmon user's web browser.
References
Link | Resource |
---|---|
https://support.kemptechnologies.com/hc/en-us/articles/12736934205837 | Third Party Advisory |
https://www.flowmon.com/en | Product |
https://support.kemptechnologies.com/hc/en-us/articles/12736934205837 | Third Party Advisory |
https://www.flowmon.com/en | Product |
Configurations
History
21 Nov 2024, 07:50
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.kemptechnologies.com/hc/en-us/articles/12736934205837 - Third Party Advisory | |
References | () https://www.flowmon.com/en - Product |
03 May 2023, 10:39
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-79 | |
CPE | cpe:2.3:o:progress:flowmon_os:*:*:*:*:*:*:*:* | |
References | (MISC) https://support.kemptechnologies.com/hc/en-us/articles/12736934205837 - Third Party Advisory | |
References | (MISC) https://www.flowmon.com/en - Product |
21 Apr 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-21 12:15
Updated : 2025-02-05 20:15
NVD link : CVE-2023-26100
Mitre link : CVE-2023-26100
CVE.ORG link : CVE-2023-26100
JSON object : View
Products Affected
progress
- flowmon_os
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')