CVE-2022-1293

Summary

The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions.

Affected Software

VendorProductVersion RangeStatus
ThalesCitadel Web Client7.1.1 < 7.1.2affected
ThalesCitadel Macosx Desktop Client7.1.1 < 7.1.2affected
ThalesCitadel Windows Desktop Client7.1.1 < 7.1.2affected

Weaknesses

  • CWE-80: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

ADP Enrichment

CVE Program Container

Additional References

References