CVE-2023-6364

Name of the Vulnerable Software and Affected Versions WhatsUp Gold versions prior to 2023.1

Description A stored cross-site scripting (XSS) issue has been identified, allowing an attacker to craft a XSS payload and store it within a dashboard component. If a user interacts with the crafted payload, the attacker can execute malicious JavaScript within the context of the victim's browser.

Recommendations For versions prior to 2023.1, update to version 2023.1 or later to resolve the issue. As a temporary workaround, consider restricting access to dashboard components to minimize the risk of exploitation. Avoid interacting with suspicious or unknown dashboard components until the issue is resolved.