CVE-2023-2509

Name of the Vulnerable Software and Affected Versions ADM versions 4.0.6.REG2 through 4.1.0 ADM versions 4.2.1.RGE2 and below LooksGood versions 2.0.0.R129 and below SoundsGood versions 2.3.0.r1027 and below

Description A Cross-Site Scripting(XSS) issue was found in the ADM, LooksGood, and SoundsGood Apps. This allows an attacker to inject malicious scripts into the target applications, accessing cookies or sensitive information retained by the browser and used with that application.

Recommendations For ADM versions 4.0.6.REG2 through 4.1.0, update to a version above 4.1.0. For ADM versions 4.2.1.RGE2 and below, update to a version above 4.2.1.RGE2. For LooksGood versions 2.0.0.R129 and below, update to a version above 2.0.0.R129. For SoundsGood versions 2.3.0.r1027 and below, update to a version above 2.3.0.r1027. As a temporary workaround, consider restricting access to sensitive information in the affected applications until a patch is available.