CVE-2023-30949
4.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Summary
A missing origin validation in Slate sandbox could be exploited by a malicious user to modify the page's content, which could lead to phishing attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Palantir | com.palantir.slate:slate | * < 6.207.0 | affected |
Weaknesses
- CWE-1173: The product does not use, or incorrectly uses, an input validation framework that is provided by the source language or an independent library.
ADP Enrichment
CVE Program Container
Additional References
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.