PT-2023-27194 · Std.Cloud · Wxsync Plugin
Rio Darmawan
·
Publicado
2023-09-04
·
Atualizado
2023-09-06
·
CVE-2023-39988
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
std.Cloud WxSync plugin versions <= 2.7.23
Description
A Stored Cross-Site Scripting (XSS) vulnerability exists, allowing authenticated contributors to inject malicious scripts. The issue affects versions of the WxSync plugin up to and including 2.7.23.
Recommendations
For std.Cloud WxSync plugin versions <= 2.7.23, update to a version later than 2.7.23 to resolve the issue.
As a temporary workaround, consider restricting access to the WxSync plugin until a patch is available.
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wxsync Plugin