Cross-Site Scripting Vulnerability 

(CVE-2023-33231)

Summary

XSS attack was possible in DPA 2023.2 due to insufficient input validation.

Affected Products

Database Performance Analyzer (DPA) 2023.2 and previous versions

Fixed Software Release

Database Performance Analyzer (DPA) 2023.2.100

Acknowledgments

Shashank Chaurasia

Advisory Details

Severity

5.4 Medium

Advisory ID

First Published

07/18/2023

Last Updated

07/18/2023

Bugs IDs

CVE-2023-33231