PT-2024-15464 · Fireeye · Fireeye Central Management

Albert Sánchez Miñano · Published 2024-01-15 · Updated 2024-01-19 · CVE-2024-0314

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: FireEye Central Management version 9.1.1.956704

Description: The issue allows an attacker to modify special HTML elements in the application, causing a reflected XSS that allows the execution of malicious scripts and could lead to session hijacking.

Recommendations: For version 9.1.1.956704, consider disabling any functionality that allows modification of special HTML elements until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of session hijacking.

Fix

XSS


Weakness Enumeration

Related Identifiers

CVE-2024-0314

Affected Products

Fireeye Central Management