CVE-2023-32969

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions QuTScloud versions prior to 5.1.5.2651 QTS versions prior to 5.1.4.2596 build 20231128 QuTS hero versions prior to 5.1.4.2596 build 20231128

Description A cross-site scripting (XSS) vulnerability has been reported to affect Network & Virtual Switch. If exploited, the vulnerability could allow authenticated administrators to inject malicious code via a network.

Recommendations For QuTScloud versions prior to 5.1.5.2651, update to version 5.1.5.2651 or later. For QTS versions prior to 5.1.4.2596 build 20231128, update to version 5.1.4.2596 build 20231128 or later. For QuTS hero versions prior to 5.1.4.2596 build 20231128, update to version 5.1.4.2596 build 20231128 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2023-32969

Affected Products

Qts

Quts Hero

Qutscloud

CVE-2023-32969

Weakness Enumeration

Related Identifiers

Affected Products

References · 8