CVE-2023-46483

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Nov 8, 2023

Updated: Nov 14, 2023

CWE ID 79

Summary

CVE-2023-46483 is a Cross-Site Scripting (XSS) vulnerability discovered in timetec AWDMS version 2.0. This issue permits an attacker to inject malicious scripts into a web application by exploiting the remark parameter of the New Zone function. Successful exploitation could result in the attacker gaining unauthorized access to sensitive information. Users are advised to update their timetec AWDMS installation as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tGo3sG
https://www.cve.org/CVERecord?id=CVE-2023-46483
https://nvd.nist.gov/vuln/detail/CVE-2023-46483

Back to Vulnerability Database

CVE-2023-46483

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations