CVE-2023-38255

Name of the Vulnerable Software and Affected Versions MODULYS GP (MOD3GP-SY-120K) (affected versions not specified)

Description The issue exists due to a lack of protection for the web page structure, allowing a remote attacker to perform cross-site scripting (XSS) attacks. This could enable an attacker, with or without access to the device, to include malicious code when uploading new device configurations, potentially affecting the device's intended function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.