CVE-2023-4932 | SAS Integration Technologies up to 9.4_M8 URL /SASStoredProcess/do _program cross site scripting

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability was found in SAS Integration Technologies up to 9.4_M8 and classified as problematic. Affected by this issue is some unknown functionality of the file /SASStoredProcess/do of the component URL Handler. The manipulation of the argument _program leads to cross site scripting.

This vulnerability is handled as CVE-2023-4932. The attack may be launched remotely. There is no exploit available.

CVE-2023-4932 | SAS Integration Technologies up to 9.4_M8 URL /SASStoredProcess/do _program cross site scripting

Related Posts

CVE-2024-0361 | PHPGurukul Hospital Management System 1.0 admin/contact.php mobnum sql injection

CVE-2024-7049 | open-webui up to 0.3.8 wrong session

CVE-2024-39943 | Rejetto HTTP File Server up to 0.52.9 on Linux/Unix/macOS Upload Node.js child_process Privilege Escalation

CVE-2023-52947 | Synology Active Backup for Business Agent prior 2.7.0-3221 logout missing authentication (SA_24_11)