CVE-2024-36359 – Trend Micro InterScan Web Security Virtual Appliance Cross-Site Scripting Privilege Escalation Vulnerability

https://notcve.org/view.php?id=CVE-2024-36359

06 Jun 2024 — A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 could allow an attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. Una vulnerabilidad de Cross-Site Scripting (XSS) en Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 podría permitir a un atacante escalar privilegios en las instal... • https://success.trendmicro.com/dcx/s/solution/000298065 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •