CVE-2023-31703
Description
Cross Site Scripting (XSS) in the edit user form in Microworld Technologies eScan management console 14.0.1400.2281 allows remote attacker to inject arbitrary code via the from parameter.
NVD
Severity: CRITICAL
CVE ID: CVE-2023-31703
CVSS Score: 9.0
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
Proof Of Concept
sahiloj
Cross Site Scripting (XSS) in eScan Management Console
Refrence: GitHub