VYPR
leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.1-231128, 1.8.0-231127 and 1.8.1-231127 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-246104.","additionalType":"https://schema.org/SoftwareApplication","sameAs":["https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6275"]},"keywords":"CVE-2023-6275, Low, Totara Fluig Platform, Totara Fluig Platform","mentions":[{"@type":"SoftwareApplication","name":"Fluig Platform","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Totara"}},{"@type":"SoftwareApplication","name":"Fluig Platform","applicationCategory":"SecurityApplication","publisher":{"@type":"Organization","name":"Totara"}}],"isAccessibleForFree":true},{"@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://portal.vyprsec.ai/"},{"@type":"ListItem","position":2,"name":"CVEs","item":"https://portal.vyprsec.ai/cves"},{"@type":"ListItem","position":3,"name":"CVE-2023-6275","item":"https://portal.vyprsec.ai/cves/CVE-2023-6275"}]}]}
Low severity3.5NVD Advisory· Published Nov 24, 2023· Updated Jun 17, 2026

CVE-2023-6275

CVE-2023-6275

Description

A vulnerability was found in TOTVS Fluig Platform 1.6.x/1.7.x/1.8.0/1.8.1. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /mobileredir/openApp.jsp of the component mobileredir. The manipulation of the argument redirectUrl/user with the input "> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.7.1-231128, 1.8.0-231127 and 1.8.1-231127 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-246104.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Totara/Fluig Platformllm-create2 versions
    1.6.x, 1.7.x, 1.8.0, 1.8.1+ 1 more
    • (no CPE)range: 1.6.x, 1.7.x, 1.8.0, 1.8.1
    • (no CPE)range: 1.6.x

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.