Cross-Site Scripting Vulnerability in Trellix Central Management (CM)
CVE-2023-6072 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
A cross-site scripting vulnerability in Trellix Central Management (CM) prior to 9.1.3.97129 allows a remote authenticated attacker to craft CM dashboard internal requests causing arbitrary content to be injected into the response when accessing the CM dashboard.
Learn more about our Internal Network Penetration Testing.