Proofpoint Enterprise Protection contains a stored XSS vulnerability in the AdminUI. An unauthenticated attacker can send a specially crafted email with HTML in the subject which triggers XSS when viewing quarantined messages. This issue affects Proofpoint Enterprise Protection: from 8.20.0 before patch 4796, from 8.18.6 before patch 4795 and all other prior versions.
References
Link | Resource |
---|---|
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0010 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Proofpoint
Published: 2023-11-06T20:06:28.575Z
Updated: 2023-11-06T20:06:30.766Z
Reserved: 2023-10-25T17:57:54.611Z
Link: CVE-2023-5771
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-06T21:15:10.203
Modified: 2023-11-14T19:02:58.840
Link: CVE-2023-5771
JSON object: View
Redhat Information
No data.
CWE