Stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x
CVE-2023-3588

5.4MEDIUM

Key Information:

Vendor

Dassault Systèmes

Status
Teamwork Cloud - Business Edition
Teamwork Cloud - Enterprise Edition
Teamwork Cloud - Business Pro Edition
Teamwork Cloud - Standard Edition
Vendor
CVE Published:
13 September 2023

What is CVE-2023-3588?

A stored Cross-site Scripting (XSS) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x allows an attacker to execute arbitrary script code.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Teamwork Cloud - Business Edition No Magic Release 2021x Golden

Teamwork Cloud - Business Edition No Magic Release 2022x Golden

Teamwork Cloud - Business Pro Edition No Magic Release 2021x Golden

References

https://www.3ds.com/vulnerability/advisories

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Johannes RĂĽckert from mgm security partners GmbH
JSON
.