In Apollo change requests, comments added by users could contain a javascript URI link that when rendered will result in an XSS that require user interaction.
References
Link | Resource |
---|---|
https://palantir.safebase.us/?tcuUid=4c257f07-58af-4532-892a-bdbe8ab3ec63 | Third Party Advisory |
https://palantir.safebase.us/?tcuUid=4c257f07-58af-4532-892a-bdbe8ab3ec63 | Third Party Advisory |
Configurations
History
21 Nov 2024, 08:01
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-09-27 15:18
Updated : 2024-11-21 08:01
NVD link : CVE-2023-30959
Mitre link : CVE-2023-30959
CVE.ORG link : CVE-2023-30959
JSON object : View
Products Affected
palantir
- apollo_autopilot