CVE-2023-45992
RUCKUS Cloudpath Persistent XSS and CSRF Vulnerability Enables Privilege Escalation.
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in the RUCKUS Cloudpath web interface may allow an unauthenticated attacker to execute persistent cross-site scripting and cross-site request forgery attacks. Successful exploitation could lead to an attacker gaining full administrative privileges on the system. Confirming if this technology is in use a