CVE-2023-32659

Name of the Vulnerable Software and Affected Versions SUBNET PowerSYSTEM Center versions 2020 U10 and prior

Description The issue allows an attacker to inject malicious code into report header graphic files, which could propagate out of the system and reach users who are subscribed to email notifications. This is a cross-site scripting vulnerability.

Recommendations For SUBNET PowerSYSTEM Center versions 2020 U10 and prior, update to a version later than 2020 U10 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.