Security Advisory

CVE-2023-47623

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-13 21:38:14

Last updated 2024-08-02 21:16:42

Assigner GitHub_M

State PUBLISHED

Description

Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the `redirect_uri` parameter. By specifying a url with the javascript scheme (`javascript:`), an attacker can run arbitrary JavaScript code after the login.

← Browse all CVEs View on cve.org ↗