CVE-2023-40519

Summary

CVE-2023-40519 is a cross-site scripting (XSS) vulnerability found in the login portal of Broadpeak Centralized Accounts Management Auth Agent versions 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459. This vulnerability allows remote attackers to inject arbitrary web script or HTML through the disconnectMessage parameter. The vulnerability has a base severity rating of MEDIUM with a base score of 6.1 according to [email protected], indicating that it poses a moderate threat to organizations. The exploitability score is 2.8 out of 10, suggesting that it is relatively easy to exploit without requiring special privileges from the attacker or user interaction. The impact on integrity and confidentiality is low, but organizations should still take immediate action to remediate this vulnerability to prevent potential attacks on their systems and protect sensitive information from being compromised. Note: The paragraph above is generated based on the provided information and does not include any additional research beyond what was provided in the text snippet.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.