Cross-Site Scripting Vulnerability in Trend Micro Apex Central
CVE-2023-52330

6.1MEDIUM

Key Information:

Vendor
Trend Micro
Status
Trend Micro Apex Central
Vendor
CVE Published:
23 January 2024

Summary

A cross-site scripting vulnerability in Trend Micro Apex Central allows attackers to craft malicious pages that, if visited by users, can lead to arbitrary code execution on affected systems. This vulnerability requires user interaction, making it crucial for organizations to educate users about the risks of opening untrusted links or files.

Affected Version(s)

Trend Micro Apex Central 2019 < 8.0.0.6570

References

https://success.trendmicro.com/dcx/s/solution/000296153?l...
https://www.zerodayinitiative.com/advisories/ZDI-24-051/

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.