← back
CVE-2023-5451

CVE-2023-5451

CVSS 6.1 MEDIUMEPSS 0.3%CWE-79
Forcepoint NGFW Security Management Center Management Server has SMC Downloads optional feature to offer standalone Management Client downloads and ECA configuration downloads. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Forcepoint Next Generation Firewall Security Management Center (SMC Downloads feature) allows Reflected XSS. This issue affects Next Generation Firewall Security Management Center : before 6.10.13, from 6.11.0 before 7.1.2.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
Forcepoint · Next Generation Firewall Security Management Center

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://support.forcepoint.com/s/article/000042395