Medium severity6.1NVD Advisory· Published Jan 23, 2024· Updated Jun 17, 2026
CVE-2023-45889
CVE-2023-45889
Description
A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612.
Affected products
2- ClassLink/OneClick Extensiondescription
- Range: <=10.8
Patches
Vulnerability mechanics
References
2- blog.zerdle.net/classlink2/nvdExploitThird Party Advisory
- blog.zerdle.net/classlink/nvdThird Party Advisory
News mentions
0No linked articles in our index yet.