Reflected Cross Site Scripting Vulnerabilities (XSS) in ClearPass Policy Manager Web-Based Management Interface
CVE-2023-25592
6.1MEDIUM
What is CVE-2023-25592?
The web-based management interface of ClearPass Policy Manager contains vulnerabilities that may enable a remote attacker to launch a reflected cross-site scripting (XSS) attack against users of the interface. If successfully exploited, this vulnerability permits the execution of arbitrary script code within a victim's browser, potentially allowing the attacker to manipulate the user’s experience or steal sensitive information.
Affected Version(s)
Aruba ClearPass Policy Manager 6.11.1 and below
Aruba ClearPass Policy Manager 6.10.8 and below
Aruba ClearPass Policy Manager 6.9.13 and below