CVE-2023-28017

Name of the Vulnerable Software and Affected Versions HCL Connections (affected versions not specified)

Description The issue allows an attacker to execute arbitrary script code in the browser of an unsuspecting user after visiting a vulnerable URL, leading to the execution of malicious script code. This may enable the attacker to steal cookie-based authentication credentials and compromise a user's account, then launch other attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.