CVE-2023-4093 MEDIUM

CVE-2023-4093: Reflected and persistent XSS vulnerability in Fujitsu Arconte Áurea

Vendor Fujitsu
Product Arconte Áurea
Weakness CWE-79 · XSS
Published September 19, 2023
Last update September 6, 2024
View on NVD All CVEs

CVSS base score

5.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Reflected and persistent XSS vulnerability in Arconte Áurea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user.

Key dates

02Disclosure timeline

September 19, 2023 CVE published
September 6, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-2997 Bdtask Multi-Store Inventory Management System cross site scripting CVE-2025-49245 WordPress Testimonials Showcase plugin <= 1.9.16 - Reflected Cross Site Scripting (XSS) vulnerability CVE-2026-41575 th30d4y/IP: DOM-Based Cross-Site Scripting (XSS) Vulnerability CVE-2024-2734 Bold Page Builder <= 4.8.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via AI Features CVE-2024-3731 Customer Reviews for WooCommerce <= 5.47.0 - Reflected Cross-Site Scripting via 's'