Vulnerability Details CVE-2023-33732
Cross Site Scripting (XSS) in the New Policy form in Microworld Technologies eScan management console 14.0.1400.2281 allows a remote attacker to inject arbitrary code via the vulnerable parameters type, txtPolicyType, and Deletefileval.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.2%
CVSS Severity
CVSS v3 Score 6.1
References
Products affected by CVE-2023-33732
-
cpe:2.3:a:escanav:escan_management_console:14.0.1400.2281