JavaScript Injection and Privilege Escalation in Pacparser before 1.4.2
CVE-2023-37360 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).
Learn more about our Web Application Penetration Testing UK.