CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2023-32605: Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due...

0.0 CVSS

Description

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues.

Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability.

This is similar to, but not identical to CVE-2023-32604.

Classification

CVE ID: CVE-2023-32605

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Trend Micro, Inc.

Product: Trend Micro Apex Central

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 20.78% (scored less or equal to compared to others)

EPSS Date: 2025-02-03 (when was this score calculated)

References

https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US

Timeline

2024-12-06 00:31:47 UTC
CVE

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due...