CVE-2023-1287

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ENOVIA Live Collaboration version V6R2013xE

Description An XSL template vulnerability in the software allows Remote Code Execution.

Recommendations For ENOVIA Live Collaboration version V6R2013xE, update to a version that fixes the XSL template vulnerability to prevent Remote Code Execution.

Fix

Special Elements Injection

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74CWE-94

Related Identifiers

CVE-2023-1287

Affected Products

Enovia Live Collaboration

CVE-2023-1287

Weakness Enumeration

Related Identifiers

Affected Products

References · 6