First published: Tue Sep 19 2023(Updated: )
Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user.
Credit: cve-coordination@incibe.es cve-coordination@incibe.es
Affected Software | Affected Version | How to fix |
---|---|---|
Fujitsu Arconte Aurea | =1.5.0.0 | |
=1.5.0.0 |
This vulnerabilities have been fixed by Fujitsu in version 1.5.0.0, released on 4/4/2022. All new versions of the product, including the latest 1.6.2.3, also include the fixes.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-4093 is a reflected and persistent XSS vulnerability in Arconte Áurea version 1.5.0.0.
CVE-2023-4093 allows an attacker to inject malicious JavaScript code, compromise the victim's browser, redirect the user to malicious domains, or access information.
CVE-2023-4093 has a severity value of 6.1, which is considered medium.
To fix CVE-2023-4093, it is recommended to update Arconte Áurea to a version that includes a patch for the vulnerability.
More information about CVE-2023-4093 can be found at the following reference: [link](https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-fujitsu-arconte-aurea)