CVE

CVE-2023-25551

admin

CVE-2023-25551

A CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site
Scripting’) vulnerability exists on a DCE file upload endpoint when tampering with parameters
over HTTP.

Affected products: StruxureWare Data Center Expert (V7.9.2 and prior)

Source: CVE-2023-25551

Exit mobile version