Lucene search
K

4 matches found

OSV
OSV
added 2023/12/21 1:15 a.m.2 views

CVE-2023-28025

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

4.8CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/12/21 1:15 a.m.31 views

CVE-2023-28025

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

6.6CVSS0.00313EPSS
Exploits0References1
CVE
CVE
added 2023/12/21 12:32 a.m.56 views

CVE-2023-28025

CVE-2023-28025 affects HCL Technologies BigFix Mobile / Modern Client Management (including v3.1 and prior per multiple sources). The issue is a stored XSS via the ability to inject an SVG tag into HTML, resulting in an alert cookie pop-up. Root cause is improper input handling that allows SVG ma...

6.6CVSS5.1AI score0.00313EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/12/21 12:32 a.m.28 views

CVE-2023-28025 An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed a...

6.6CVSS6.3AI score0.00313EPSS
Exploits0References1
Rows per page
Query Builder