PT-2023-12735 · Firmanet Software Technology · Firmanet Software/Technology Customer Relation Manager

Bugra Turkoglu

Publicado

2023-03-14

Atualizado

2026-05-20

CVE-2022-23791

CVSS v3.1

6.1

Média

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Firmanet Software and Technology Customer Relation Manager versions prior to 2022.03.13

Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows an attacker to perform Cross-Site Scripting attacks.

Recommendations For versions prior to 2022.03.13, update to a version released after 2022.03.13 to resolve the issue. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2022-23791

Produtos afetados

Firmanet Software/Technology Customer Relation Manager

PT-2023-12735 · Firmanet Software Technology · Firmanet Software/Technology Customer Relation Manager

CVE-2022-23791

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7