MidnightBSD

Advisories for assemblysoftware

CVE-2023-37613

A cross-site scripting (XSS) vulnerability in Assembly Software Trialworks v11.4 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the asset src parameter.

Products Affected

Vendor Product Version
assemblysoftware trialworks 11.4