Skip to main content

CVE-2023-31703

Description

Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.

NVD
Severity: CRITICAL
CVE ID: CVE-2023-31703
CVSS Score: 9.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

Refrence: NVD MITRE

Proof Of Concept

sahiloj

Cross Site Scripting (XSS) in eScan Management Console

Refrence: GitHub

Description
Proof Of Concept