High severity8.2NVD Advisory· Published May 31, 2024· Updated Apr 15, 2026
CVE-2023-38551
CVE-2023-38551
Description
A CRLF Injection vulnerability in Ivanti Connect Secure (9.x, 22.x) allows an authenticated high-privileged user to inject malicious code on a victim’s browser, thereby leading to cross-site scripting attack.
Affected products
1- Range: >=9, <10 or >=22, <23
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.