CVE-2023-28025

Summary

Due to this vulnerability, the Master operator could potentially incorporate an SVG tag into HTML, leading to an alert pop-up displaying a cookie. To mitigate stored XSS vulnerabilities, a preventive measure involves thoroughly sanitizing and validating all user inputs before they are processed and stored in the server storage.

Affected Software

VendorProductVersion RangeStatus
HCL SoftwareHCL BigFix Mobile / Modern Client Management<= 3.1affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References