Helpsystems: >> Cobalt Strike >> 4.7.1 Security Vulnerabilities
CVE-2022-42948
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
Known exploited
CVSS Score
9.8
EPSS Score
0.117
Published
2023-03-24