CVE-2023-2819

Name of the Vulnerable Software and Affected Versions Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) versions prior to 5.10.0

Description A stored cross-site scripting issue in the Sources UI could allow an authenticated administrator on an adjacent network to replace an image file with an arbitrary MIME type, potentially resulting in arbitrary javascript code execution in an admin context.

Recommendations For versions prior to 5.10.0, update to version 5.10.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Sources UI to minimize the risk of exploitation.