cvedb.io
CVE-2023-2819
MEDIUM · CVSS 4.3
EPSS exploitation probability: 0%
Published 2023-06-14T22:15:09.203 · Last modified 2026-06-17T05:53:30.977

Summary

A stored cross-site scripting vulnerability in the Sources UI in Proofpoint Threat Response/ Threat Response Auto Pull (PTR/TRAP) could allow an authenticated administrator on an adjacent network to replace the image file with an arbitrary MIME type.  This could result in arbitrary javascript code execution in an admin context. All versions prior to 5.10.0 are affected.  

Affected products

proofpoint — threat_response_auto_pull

Does this affect you?

Add your gear to cvedb and we'll alert you only when proofpoint ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.