CVE-2023-3937
Cross site scripting vulnerabilities in Snow License Manager
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.8EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
11 Aug 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Cross site scripting vulnerability in web portal in Snow Software License Manager from version 9.0.0 up to and including 9.30.1 on Windows allows an authenticated user with high privileges to trigger cross site scripting attack via the web browser
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Affected products
Snow Software · Snow License ManagerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →