A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /setup_odbc in odbc_data_source, odbc_user and odbc_password parameters. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: INCIBE
Published: 2024-05-24T12:39:32.532Z
Updated: 2024-08-02T22:01:25.500Z
Reserved: 2023-11-27T15:14:26.602Z
Link: CVE-2023-49572

Updated: 2024-08-02T22:01:25.500Z

Status : Awaiting Analysis
Published: 2024-05-24T13:15:08.030
Modified: 2024-11-21T08:33:34.853
Link: CVE-2023-49572

No data.