CVE-2023-32535 Information

Description

Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers.

This is similar to but not identical to CVE-2023-32531 through 32534.

Reference

https://www.zerodayinitiative.com/advisories/ZDI-23-857/ https://success.trendmicro.com/dcx/s/solution/000293107?language=en_US