CVE-2023-26599 Information

Description

XSS vulnerability in TripleSign in Tripleplay Platform releases prior to Caveman 3.4.0 allows attackers to inject client-side code to run as an authenticated user via a crafted link.

Reference

https://tripleplay.tv/wp-content/uploads/2023/03/CVE-2023-26599-Summary.pdf https://tripleplay.tv