Vulnerability: App Loader Redirection and Script Injection

Vulnerability: App Loader Redirection and Script Injection

CVE-2023-41708 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References to the "app loader" functionality could contain redirects to unexpected locations. Attackers could forge app references that bypass existing safeguards to inject malicious script code. Please deploy the provided updates and patch releases. References to apps are now controlled more strict to avoid relative references. No publicly available exploits are known.

Learn more about our Web Application Penetration Testing UK.