CVE-2023-28017: 
NixOS vulnerability analysis and mitigation

CVE-2023-28017 is a cross-site scripting (XSS) vulnerability affecting HCL Connections. The vulnerability was disclosed on December 7, 2023, and affects multiple versions of HCL Connections including versions 6.0, 6.5, 7.0, and 8.0. This security flaw allows attackers to execute arbitrary script code in the browser of unsuspecting users who visit a vulnerable URL (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium severity) with the following vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N. The attack vector is network-based (AV:N), with low attack complexity (AC:L), requiring low privileges (PR:L) and user interaction (UI:R). The scope is changed (S:C), with low impacts on both confidentiality and integrity, but no impact on availability (NVD).

When exploited, this vulnerability allows attackers to execute malicious script code in the victim's browser within the security context of the hosting website. This can lead to the theft of cookie-based authentication credentials, potentially compromising the user's account and enabling the launch of additional attacks (NVD).

HCL has released patches to address this vulnerability. Affected organizations should apply the available security updates to their HCL Connections installations (HCL Advisory).