CVE-2023-45222 Information

Description

An attacker with access to the web application that has the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the utorefresh\ parameter.

Reference

https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-04