ITM Server Cross-site Scripting in WriteWindowTitle Endpoint
CVE-2023-4803

4.8MEDIUM

Key Information:

Vendor: Proofpoint
Status: Itm Server
Vendor: CVE Published:; 13 September 2023

What is CVE-2023-4803?

A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

ITM Server 0 <= 7.14.3

References

https://www.proofpoint.com/us/security/security-advisorie...

CVSS V3.1

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 13, 2023
Vulnerability Reserved
Sep 6, 2023

JSON

Proofpoint