CVE-2023-24367
Temenos T24 R20 (Temenos T24 release 20) contains a reflected cross‑site scripting vulnerability via the routineName parameter in genrequest.jsp. An attacker can inject arbitrary JavaScript in the user’s browser, potentially stealing cookie‑based credentials and launching further attacks within t...