Vulnerabilities > Withsecure > F Secure Policy Manager > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-22 CVE-2023-43763 Cross-site Scripting vulnerability in Withsecure F-Secure Policy Manager 15.00
Certain WithSecure products allow XSS via an unvalidated parameter in the endpoint.
network
low complexity
withsecure CWE-79
6.1
2022-10-25 CVE-2022-38162 Cross-site Scripting vulnerability in Withsecure F-Secure Policy Manager
Reflected cross-site scripting (XSS) vulnerabilities in WithSecure through 2022-08-10) exists within the F-Secure Policy Manager due to an unvalidated parameter in the endpoint, which allows remote attackers to provide a malicious input.
network
low complexity
withsecure CWE-79
6.1