Security Advisory

CVE-2023-28799

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-06-22 19:06:24

Last updated 2024-12-05 17:43:58

Assigner Zscaler

State PUBLISHED

Description

A URL parameter during login flow was vulnerable to injection. An attacker could insert a malicious domain in this parameter, which would redirect the user after auth and send the authorization token to the redirected domain.

← Browse all CVEs View on cve.org ↗