CVE-2018-15365

A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
References
Link Resource
https://success.trendmicro.com/solution/1121079 Mitigation Vendor Advisory
https://github.com/nixwizard/CVE-2018-15365/ Exploit Mitigation
Configurations

Configuration 1

cpe:2.3:a:trendmicro:deep_discovery_inspector:*:*:*:*:*:*:*:*

Information

Published : 2018-09-28 05:29

Updated : 2018-11-16 12:54


NVD link : CVE-2018-15365

Mitre link : CVE-2018-15365

Products Affected
No products.
CWE