CVE-2023-20884

Name of the Vulnerable Software and Affected Versions VMware Workspace One Access and VMware Identity Manager (affected versions not specified)

Description The issue is related to improper neutralization of special elements in output, which can be exploited by a remote attacker to redirect users to an arbitrary URL. This can lead to sensitive information disclosure. An unauthenticated malicious actor may redirect a victim to an attacker-controlled domain due to improper path handling.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.