CVE-2023-43065

CWE-79 — Cross-site Scripting (XSS)3 documents3 sources

Severity

5.4MEDIUM

EPSS

0.0%

top 88.09%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Dell Unity Operating Environment Dell Unity XT Operating Environment Dell Unityvsa Operating Environment +1 more

Timeline

PublishedOct 23

Description

Dell Unity prior to 5.3 contains a Cross-site scripting vulnerability. A low-privileged authenticated attacker can exploit these issues to obtain escalated privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:L/A:LExploitability: 2.3 | Impact: 2.7

Affected Packages4 packages

▶NVDdell/unity_operating_environment< 5.3.0.0.5.120

▶NVDdell/unity_xt_operating_environment< 5.3.0.0.5.120

▶NVDdell/unityvsa_operating_environment< 5.3.0.0.5.120

▶CVEListV5dell/unityVersions prior to 5.3.0.0.5.120

🔴Vulnerability Details

GHSA

GHSA-xw7q-2j98-xv6p: Dell Unity prior to 5↗2023-10-23

▶

CVEList

CVE-2023-43065: Dell Unity prior to 5↗2023-10-23

▶