CVE-2023-37360

Published June 30th, 2023

View on NVD ↗

CVSS v3

5.9

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).

manugarg/pacparser

Library and tools to parse and test proxy auto-config (PAC) files

GitHub

532