Vulnerabilities > CVE-2023-6098 - Unspecified vulnerability in Icssolution ICS Business Manager 7.06.0028.2802/7.06.0028.7066/7.06.0028.7089
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
LOW Availability impact
NONE Summary
An XSS vulnerability has been discovered in ICS Business Manager affecting version 7.06.0028.7066. A remote attacker could send a specially crafted string exploiting the obdd_act parameter, allowing the attacker to steal an authenticated user's session, and perform actions within the application.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |