Stored Cross-Site Scripting Vulnerability in Broadcom's Advanced Secure Gateway
CVE-2023-23954

5.4MEDIUM

Key Information:

Vendor: Broadcom
Status: Advanced Secure Gateway, Content Analysis
Vendor: CVE Published:; 1 June 2023

What is CVE-2023-23954?

A vulnerability has been identified in Broadcom's Advanced Secure Gateway and Content Analysis systems, which may be exploited through Stored Cross-Site Scripting. This issue arises from improper handling of user-supplied data, allowing an attacker to inject malicious scripts that could execute in the context of another user's session. It is crucial for users to update to the recommended versions to mitigate the risk associated with this vulnerability.

Affected Version(s)

Advanced Secure Gateway, Content Analysis 7.3.13.1, 3.1.6..0

References

https://support.broadcom.com/web/ecx/support-content-noti...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2023
Vulnerability Reserved
Jan 19, 2023