CVE-2023-41176
published 2024-01-23CVE-2023-41176: Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that…
PriorityP427medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
1.80%
75.7th percentile
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.
Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| trend_micro_inc | trend_micro_mobile_security_for_enterprise | >= 9.8 SP5 < 9.8.3311 | 9.8.3311 |
| trendmicro | mobile_security | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-xw3v-x6gq-q358: Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victi
ghsa_unreviewed·2024-01-23·CVSS 6.1
CVE-2023-41178 [MEDIUM] CWE-79 GHSA-xw3v-x6gq-q358: Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victi
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.
Please note, this vulnerability is similar to, but not identical to, CVE-2023-41176.
GHSA
GHSA-79x7-r2x4-xpj2: Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victi
ghsa_unreviewed·2024-01-23·CVSS 6.1
CVE-2023-41176 [MEDIUM] CWE-79 GHSA-79x7-r2x4-xpj2: Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victi
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker.
Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-01-23
Published