Arbitrary Code Injection via Cross Site Scripting (XSS) in Microworld Technologies eScan Management Console 14.0.1400.2281
CVE-2023-31703 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
Learn more about our User Device Pen Test.