CVE-2023-42249

The software that is vulnerable is Selesta Visual Access Manager, specifically versions less than 4.42.2. The vulnerability is a Cross Site Scripting (XSS) vulnerability that can be exploited via vam/vam visits.php. This vulnerability has been assigned the CVE identifier CVE-2023-42249. There is a public reference to this vulnerability available, indicating that it has been disclosed and potentially has a public exploit. However, there is no information provided about whether this vulnerability has been actively exploited by attackers or how many Internet users could be affected. The vulnerability allows for Cross Site Scripting, which can be used to steal user data or take control of user sessions. More information about this vulnerability can be found at the provided URLs. #SelestaVisualAccessManager #CrossSiteScripting #XSS #CVE202342249 #Vulnerability #Security #Exploit