Vulnerability Details CVE-2023-38582
Persistent cross-site scripting (XSS) in the web application of MOD3GP-SY-120K allows an authenticated remote attacker to introduce arbitrary JavaScript by injecting an XSS payload into the field MAIL_RCV. When a legitimate user attempts to access to the vulnerable page of the web application, the XSS payload will be executed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.5%
CVSS Severity
CVSS v3 Score 6.3
References
Products affected by CVE-2023-38582
-
cpe:2.3:h:socomec:modulys_gp:-
-
cpe:2.3:o:socomec:modulys_gp_firmware:01.12.10