An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input.
An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input. The prior version of Okta Advanced Server Access Client for Windows was found to be vulnerable to XSS injection via a specially crafted URL.
The prior version of Okta Advanced Server Access Client for Windows was found to be vulnerable to XSS injection via a specially crafted URL. An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input.
An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input. The prior version of Okta Advanced Server Access Client for Windows was found to be vulnerable to stored XSS injection via a specially crafted URL.
The prior version of Okta Advanced Server Access Client for Windows was found to be vulnerable to stored XSS injection via a specially crafted URL. An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input.
Overview
An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input. The prior version of Okta Advanced Server Access Client for Windows was found to be vulnerable to stored XSS injection via a specially crafted URL. An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input.
Okta Advanced Server Access Client for Linux was found to be vulnerable to stored XSS injection via a specially crafted URL.
An attacker can inject malicious code into the target application's request chain (using injected variable) and potentially gain access to internal data via unvalidated input. The prior version of Okta Advanced Server Access Client for Linux was found to be vulnerable to stored XSS injection via a specially crafted URL.
Timeline
Published on: 02/21/2022 18:15:00 UTC
Last modified on: 03/01/2022 15:28:00 UTC