CVE-2023-6366

Name of the Vulnerable Software and Affected Versions WhatsUp Gold versions prior to 2023.1

Description A stored cross-site scripting (XSS) issue has been identified, allowing an attacker to craft a XSS payload and store it within Alert Center. If a user interacts with the crafted payload, the attacker can execute malicious JavaScript within the context of the victim's browser.

Recommendations For versions prior to 2023.1, update to version 2023.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Alert Center to minimize the risk of exploitation.