CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-32659

SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.6%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01

Products affected by CVE-2023-32659

Subnet » Powersystem Center » Version: Any

cpe:2.3:a:subnet:powersystem_center:*
Subnet » Powersystem Center » Version: 2020

cpe:2.3:a:subnet:powersystem_center:2020

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-32659

Products

Pricing

Contact Us