CVE-2024-3378
Affected product/versions: iboss Secure Web Gateway up to 10.1. The issue resides in the Login Portal’s /login path, where manipulating the redirectUrl parameter can trigger a cross-site scripting (XSS) vulnerability. Root cause: improper handling of redirectUrl within the login flow. Impact: rem...