Unauthenticated Remote Code Execution via Malicious JavaScript Payload
CVE-2023-28650 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
An unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target’s security context.
Learn more about our User Device Pen Test.