HTML Injection Vulnerability on Serv-U 15.4
(CVE-2023-40053)
Summary
A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously.
Affected Products
- Serv-U 15.4 HF2 and earlier
Fixed Software Release
Advisory Details
Severity
4.6 Medium
Advisory ID
First Published
12/05/2023
Last Updated
12/05/2023