Security Advisory

CVE-2023-52430

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-02-12 00:00:00

Last updated 2025-05-06 18:48:45

Assigner mitre

State PUBLISHED

Description

The caddy-security plugin 1.1.20 for Caddy allows reflected XSS via a GET request to a URL that contains an XSS payload and begins with either a /admin or /settings/mfa/delete/ substring.

← Browse all CVEs View on cve.org ↗