CVE-2023-38551 Information

Description

A CRLF Injection vulnerability in Ivanti Connect Secure (9.x 22.x) allows an authenticated high-privileged user to inject malicious code on a victim’s browser thereby leading to cross-site scripting attack.

Reference

https://forums.ivanti.com/s/article/Security-Advisory-May-2024