CVE-2023-23957

MEDIUM

Symantec Identity Portal 14.4 - Info Disclosure

Title source: llm

Description

An authenticated user can see and modify the value for ‘next’ query parameter in Symantec Identity Portal 14.4

References (1)

Scores

CVSS v3 5.4
EPSS 0.0028
EPSS Percentile 50.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Classification

CWE
CWE-601
Status published

Affected Products (1)

symantec/identity_portal

Timeline

Published Sep 19, 2023
Tracked Since Feb 18, 2026