CVE-2023-52430
The CVE-2023-52430 entry concerns the caddy-security plugin for Caddy (version 1.1.20). A reflected Cross-Site Scripting (XSS) vulnerability exists in GET requests where the URL payload begins with /admin or /settings/mfa/delete/. Root cause: insufficient input sanitization in handling those endp...