CVE-2023-37360 MEDIUM

CVE-2023-37360

Vendor N/A
Product n/a
Published June 30, 2023
Last update November 26, 2024

CVSS base score

5.9/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AC:L/AV:L/A:L/C:L/I:L/PR:N/S:U/UI:N

What the vulnerability does

01Description

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).

Key dates

02Disclosure timeline

June 30, 2023 CVE published
November 26, 2024 Record updated