2 matches found
CVE-2023-48003
An open redirect through HTML injection in user messages in Asp.Net Zero before 12.3.0 allows remote attackers to redirect targeted victims to any URL via the 'meta http-equiv="refresh"' in the WebSocket messages...
CVE-2023-48003
CVE-2023-48003 affects Asp.Net Zero versions prior to 12.3.0. Affected component is the handling of user messages transmitted over WebSocket, where HTML injection via the tag enables an open redirect to an attacker-controlled URL. Impact described as remote victims being redirected; no exploitat...