CVE-2023-35759

Name of the Vulnerable Software and Affected Versions In Progress WhatsUp Gold versions prior to 23.0.0

Description The issue is related to an SNMP-related application endpoint that failed to adequately sanitize malicious input. This could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, also known as a cross-site scripting (XSS) attack.

Recommendations For versions prior to 23.0.0, update to version 23.0.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the SNMP-related application endpoint until a patch is available.