PT-2023-29465 · Real Time Automation · Real Time Automation 460 Series

Published: 2023-09-27 · Updated: 2023-09-29 · CVE-2023-4523

CVSS v3.1: 9.4 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Name of the Vulnerable Software and Affected Versions

Real Time Automation 460 Series products versions prior to 8.9.8

Description

The issue allows an attacker to run any JavaScript reference from the URL string, which could lead to a cross-site scripting attack. If this occurs, the gateway's HTTP interface would redirect to the main page, index.htm.

Recommendations

For versions prior to 8.9.8, update to version 8.9.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTP interface to minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2023-4523

Affected Products: Real Time Automation 460 Series