4 matches found
CVE-2023-28800
When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login...
CVE-2023-28800
CVE-2023-28800 describes an XSS issue in Zscaler Client Connector caused by improper encoding of the redirect URL parameter when using local accounts for administration. The vulnerability allows an attacker to inject script via the redrurl parameter, potentially exposing admin login information. ...
CVE-2023-28800 Output encoding missing in redrurl parameter
When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login...
CVE-2023-28800 Output encoding missing in redrurl parameter
When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login...