A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /setup_odbc in odbc_data_source, odbc_user and odbc_password parameters. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2024-05-24T12:39:32.532Z

Updated: 2024-08-02T22:01:25.500Z

Reserved: 2023-11-27T15:14:26.602Z

Link: CVE-2023-49572

cve-icon Vulnrichment

Updated: 2024-08-02T22:01:25.500Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-24T13:15:08.030

Modified: 2024-11-21T08:33:34.853

Link: CVE-2023-49572

cve-icon Redhat

No data.