CVE-2023-28347
- Reference to the description:
- Description:
- An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a proof-of-concept script that functions similarly to a Student Console, providing unauthenticated attackers with the ability to exploit XSS vulnerabilities within the Teacher Console application and achieve remote code execution as NT AUTHORITY/SYSTEM on all connected Student Consoles and the Teacher Console in a Zero Click manner.
- Last updated date:
- 06/06/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 06/06/2023
- Reference url to background