Arbitrary Code Execution via Cross Site Scripting (XSS) in NASA Open MCT
CVE-2023-45885 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Cross Site Scripting (XSS) vulnerability in NASA Open MCT (aka openmct) through 3.1.0 allows attackers to run arbitrary code via the new component feature in the flexibleLayout plugin.
Learn more about our Web Application Penetration Testing UK.