CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28025

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.1%

CVSS Severity

CVSS v3 Score 6.6

References

https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109318
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109318

Products affected by CVE-2023-28025

Hcltech » Bigfix Modern Client Management » Version: 2.0

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.0
Hcltech » Bigfix Modern Client Management » Version: 2.1

cpe:2.3:a:hcltech:bigfix_modern_client_management:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28025

Products

Pricing

Contact Us