PT-2023-30046 · Timetec · Timetec Awdms

Fengniange

Published

2023-11-08

Updated

2024-09-03

CVE-2023-46483

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions timetec AWDMS version 2.0

Description A Cross Site Scripting issue allows an attacker to obtain sensitive information via a crafted payload to the remark parameter of the New Zone function.

Recommendations For timetec AWDMS version 2.0, consider restricting access to the New Zone function until a patch is available. As a temporary workaround, avoid using the remark parameter in the New Zone function to minimize the risk of exploitation.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-46483

Affected Products

Timetec Awdms

PT-2023-30046 · Timetec · Timetec Awdms

CVE-2023-46483

Weakness Enumeration

Related Identifiers

Affected Products

References · 6