Security Advisory

CVE-2023-44272

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-04 08:07:46
Last updated 2024-09-19 19:55:17
Assigner jpcert
State PUBLISHED

Description

A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.