CVE-2023-39558

Name of the Vulnerable Software and Affected Versions AudimexEE version 15.0

Description The issue is related to multiple reflected cross-site scripting (XSS) vulnerabilities. These vulnerabilities are present in the Show Kai Data component. Cross-site scripting (XSS) is a type of security vulnerability that occurs when an attacker is able to inject malicious scripts into a website, which are then executed by the user's browser. Reflected XSS specifically refers to a scenario where the malicious script is reflected off the web server, meaning the script is included in the response from the server.

Recommendations For AudimexEE version 15.0, as a temporary workaround, consider disabling the Show Kai Data component until a patch is available. Restrict access to this component to minimize the risk of exploitation. Avoid using any functionality that may trigger the reflected XSS vulnerabilities in the Show Kai Data component until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.