← Back to CVE List
CVE-2023-40461
The ACEManager
component of ALEOS 4.16 and earlier allows an
authenticated user
with Administrator privileges to access a file
upload field which
does not fully validate the file name, creating a
Stored Cross-Site
Scripting condition.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt