In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Palantir
Published: 2023-09-26T17:56:20.817Z
Updated: 2024-08-02T14:45:24.249Z
Reserved: 2023-04-21T11:25:51.028Z
Link: CVE-2023-30959
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-27T15:18:51.997
Modified: 2023-11-07T04:14:08.880
Link: CVE-2023-30959
Redhat
No data.