Symantec · Symantec Identity Portal · CVE-2023-23957
**Name of the Vulnerable Software and Affected Versions**
Symantec Identity Portal version 14.4
**Description**
An authenticated user can see and modify the value for the `next` query parameter.
**Recommendations**
For Symantec Identity Portal version 14.4, consider restricting access to the `next` query parameter to prevent unauthorized modifications until a patch is available.