CVE-2023-20868

Summary

NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages.

Affected Software

VendorProductVersion RangeStatus
n/aNSX-TNSX-T 3.2.x VCF 4.5.xaffected

Weaknesses

  • Reflected cross-site scripting vulnerability

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References