CVE Daily

CVE-2023-31298

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimi...

Medium CVSS 4.8

Overview

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.

CWE: CWE-79 Published: 2023-12-29T02:15:45.037
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.8 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags