CVE-2023-28799
CVE-2023-28799 involves Zscaler Client Connector. The issue arises from insecure handling of a URL parameter in the login flow, enabling injection that can redirect users and exfiltrate the authorization token to an attacker-controlled domain. Public sources describe this as an input validation e...