Unauthenticated Remote Code Execution via Malicious JavaScript Payload

Unauthenticated Remote Code Execution via Malicious JavaScript Payload

CVE-2023-28650 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.

Learn more about our User Device Pen Test.