VYPR
Unrated severityNVD Advisory· Published Dec 21, 2023· Updated Aug 2, 2024

An HTML injection vulnerability can affect HCL BigFix Mobile / Modern Client Management

CVE-2023-28025

Description

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.