VYPR
Unrated severityNVD Advisory· Published Jun 22, 2023· Updated Dec 6, 2024

Output encoding missing in redrurl parameter

CVE-2023-28800

Description

When using local accounts for administration, the redirect url parameter was not encoded correctly, allowing for an XSS attack providing admin login.

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.