CVE-2023-0125

Name of the Vulnerable Software and Affected Versions Control iD Gerencia Web version 1.30 Control iD Panel (affected versions not specified)

Description A vulnerability was found in the Web Interface component, where the manipulation of the Nome argument leads to cross-site scripting. The attack can be launched remotely.

Recommendations For Control iD Gerencia Web version 1.30, consider disabling the Web Interface component until a patch is available. For Control iD Panel, restrict access to the Web Interface to minimize the risk of exploitation. Avoid using the Nome argument in the affected Web Interface until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.