PT-2023-19316 · Broadcom · Symantec Identity Governance/Administration+1

Christopher Vella

·

Published

2023-01-24

·

Updated

2023-02-06

·

CVE-2023-23949

CVSS v3.1

8.1

High

VectorAV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions No specific software or versions mentioned.
Description The issue allows an authenticated user to inject malicious HTML and JavaScript code, which will be executed in the client's browser.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-779CWE-79

Related Identifiers

CVE-2023-23949

Affected Products

Symantec Identity Governance/Administration
Symantec Identity Manager