First published: Mon Nov 20 2023(Updated: )
Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6 allows a remote attacker to execute arbitrary code via crafted telecommand in the timeline view of the ArchiveBrowser.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Spaceapplications Yacms | =5.8.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-46470 is a Cross Site Scripting vulnerability in Space Applications Services Yamcs v.5.8.6.
CVE-2023-46470 allows a remote attacker to execute arbitrary code via a crafted telecommand in the timeline view of the ArchiveBrowser.
CVE-2023-46470 has a severity rating of medium (5.4).
To fix CVE-2023-46470, it is recommended to upgrade to a version of Space Applications Services Yamcs that is not affected by this vulnerability.
You can find more information about CVE-2023-46470 at this LinkedIn post: [https://www.linkedin.com/pulse/more-xss-clickjacking-yamcs-v586-visionspace-technologies-uvevf](https://www.linkedin.com/pulse/more-xss-clickjacking-yamcs-v586-visionspace-technologies-uvevf)