Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024
An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management
CVE-2023-28025
Description
Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.
Affected products
1- Range: <= 3.1
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.