Cross-Site Scripting Vulnerability in Citadel Versions Prior to 994

Cross-Site Scripting Vulnerability in Citadel Versions Prior to 994

CVE-2023-44272 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.

Learn more about our Web App Pen Testing.