A vulnerability has been discovered in VX Search Enterprise affecting version 10.2.14 that could allow an attacker to execute persistent XSS through /add_command_action in action_value. This vulnerability could allow an attacker to store malicious JavaScript payloads on the system to be triggered when the page loads.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2024-05-24T12:39:56.943Z

Updated: 2024-08-02T22:01:25.701Z

Reserved: 2023-11-27T15:14:26.602Z

Link: CVE-2023-49573

cve-icon Vulnrichment

Updated: 2024-08-02T22:01:25.701Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-05-24T13:15:08.630

Modified: 2024-11-21T08:33:34.997

Link: CVE-2023-49573

cve-icon Redhat

No data.