A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
References
Link | Resource |
---|---|
https://github.com/nixwizard/CVE-2018-15365/ | Exploit Mitigation Third Party Advisory |
https://success.trendmicro.com/solution/1121079 | Mitigation Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: trendmicro
Published: 2018-09-28T17:00:00
Updated: 2018-09-28T16:57:01
Reserved: 2018-08-16T00:00:00
Link: CVE-2018-15365
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-09-28T17:29:00.297
Modified: 2018-11-16T12:54:26.190
Link: CVE-2018-15365
JSON object: View
Redhat Information
No data.
CWE