CVE-2023-34637 Information

Description

A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal.

Reference

https://www.mgm-sp.com/en/isarflow-xss-vulnerability/