CVE-2023-32192 Information

Description

A vulnerability has been identified in which unauthenticated cross-site scripting (XSS) in the API Server’s public API endpoint can be exploited allowing an attacker to execute arbitrary JavaScript code in the victim browser

Reference

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32192 https://github.com/rancher/apiserver/security/advisories/GHSA-833m-37f7-jq55