PT-2024-13622 · Acronis · Acronis Cyber Protect
Und3Sc0N0C1D0
·
Published
2024-02-27
·
Updated
2024-02-28
·
CVE-2023-48681
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Acronis Cyber Protect 16 versions before build 37391
Description
A self cross-site scripting (XSS) vulnerability exists in the storage nodes search field. This issue allows for the execution of malicious scripts within the context of the affected application.
Recommendations
For Acronis Cyber Protect 16 versions before build 37391, update to build 37391 or later to resolve the issue. As a temporary workaround, consider restricting access to the storage nodes search field until a patch is applied.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acronis Cyber Protect