CVE-2023-40461
EUVD-2023-4503204.12.2023, 23:15
The ACEManager component of ALEOS 4.16 and earlier allows an authenticated user with Administrator privileges to access a file upload field which does not fully validate the file name, creating a Stored Cross-Site Scripting condition.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sierrawireless | aleos | 𝑥 ≤ 4.16.0 |
𝑥
= Vulnerable software versions