Security Advisory

CVE-2023-42222

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-09-28 00:00:00

Last updated 2024-08-02 19:16:51

Assigner mitre

State PUBLISHED

Description

WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shell.openExternal function without verifying that the URL is for an http or https resource, in some circumstances.

← Browse all CVEs View on cve.org ↗