Total
44 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6366 | 1 Progress | 1 Whatsup Gold | 2024-02-05 | N/A | 5.4 MEDIUM |
| In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Alert Center. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. | |||||
| CVE-2023-6365 | 1 Progress | 1 Whatsup Gold | 2024-02-05 | N/A | 5.4 MEDIUM |
| In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within a device group. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. | |||||
| CVE-2023-6367 | 1 Progress | 1 Whatsup Gold | 2024-02-05 | N/A | 5.4 MEDIUM |
| In WhatsUp Gold versions released before 2023.1, a stored cross-site scripting (XSS) vulnerability has been identified. It is possible for an attacker to craft a XSS payload and store that value within Roles. If a WhatsUp Gold user interacts with the crafted payload, the attacker would be able to execute malicious JavaScript within the context of the victims browser. | |||||
| CVE-2022-42711 | 1 Progress | 1 Whatsup Gold | 2024-02-04 | N/A | 9.6 CRITICAL |
| In Progress WhatsUp Gold before 22.1.0, an SNMP MIB Walker application endpoint failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser. | |||||