Skybox · Skybox Change Manager · CVE-2024-54853
**Name of the Vulnerable Software and Affected Versions**
Skybox Change Manager versions 13.2.170 and earlier
**Description**
A Stored Cross-Site Scripting issue was identified that allows remote authenticated users to store malicious payloads in an affected field, which would then execute in an unsuspecting victim's browser.
**Recommendations**
For Skybox Change Manager versions 13.2.170 and earlier, consider restricting access to the affected field to minimize the risk of exploitation until a patch is available.