2 matches found
CVE-2023-46126 Fides JavaScript Injection Vulnerability in Privacy Center URL
Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in runtime environments, helping enforce privacy regulations in code. The Fides web application allows users to edit consent and privacy notices such as cookie banners. The vulnerability mak...
CVE-2023-46126
CVE-2023-46126 affects Fides: a JavaScript injection risk in the privacy policy URL editable by Admin UI users with contributor+ permissions. The flaw allows crafting a payload in the privacy policy URL that executes JavaScript when the privacy notice is served by an integrated website; the execu...