CVE-2023-38582

Name of the Vulnerable Software and Affected Versions MOD3GP-SY-120K (affected versions not specified)

Description The web application of MOD3GP-SY-120K contains a persistent cross-site scripting (XSS) issue. This allows an authenticated remote attacker to inject an XSS payload into the MAIL RCV field, which will be executed when a legitimate user accesses the vulnerable page. The issue arises due to inadequate protection of the web page structure, enabling remote attackers to perform XSS attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.