Security Advisory

CVE-2022-48612

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-16 00:00:00

Last updated 2024-09-16 18:55:47

Assigner mitre

State PUBLISHED

Description

A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 allows remote attackers to inject JavaScript into any webpage, because a regular expression (validating whether a URL is controlled by ClassLink) is not present in all applicable places.

← Browse all CVEs View on cve.org ↗