CVE-2023-32537

EPSS 0.3%

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

26 Jun 2023Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Affected versions Trend Micro Apex Central (on-premise) are vulnerable to potential authenticated reflected cross-site scripting (XSS) attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order to exploit this vulnerability. This is similar to, but not identical to CVE-2023-32536.

Affected products

Trend Micro, Inc. · Trend Micro Apex Central

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US