CVE-2023-28650

Summary

An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.

Affected Software

VendorProductVersion RangeStatus
SAUTEREY-AS525F001 with moduWeball versionsaffected

Weaknesses

  • CWE-79 Cross-site Scripting

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References