Advisory Details

May 24th, 2023

Trend Micro Apex Central Cross-Site Scripting Remote Code Execution Vulnerability

ZDI-23-726
ZDI-CAN-18876

CVE ID CVE-2023-32533
CVSS SCORE 6.1, (AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)
AFFECTED VENDORS Trend Micro
AFFECTED PRODUCTS Apex Central
VULNERABILITY DETAILS

This vulnerability allows

ADDITIONAL DETAILS Trend Micro has issued an update to correct this vulnerability. More details can be found at:
https://success.trendmicro.com/solution/000293107
DISCLOSURE TIMELINE
  • 2022-12-29 - Vulnerability reported to vendor
  • 2023-05-24 - Coordinated public release of advisory
CREDIT Poh Jia Hao of STAR Labs
BACK TO ADVISORIES