← Back to CVE List

CVE-2024-0981

Published: 2024-07-23T21:15Z
Last Modified: 2024-11-21T08:47Z
Source: MITRE CVE List
License: MITRE-CVE-TOS
Okta Browser Plugin versions 6.5.0 through 6.31.0 (Chrome/Edge/Firefox/Safari) are vulnerable to cross-site scripting. This issue occurs when the plugin prompts the user to save these credentials within Okta Personal. A fix was implemented to properly escape these fields, addressing the vulnerability. Importantly, if Okta Personal is not added to the plugin to enable multi-account view, the Workforce Identity Cloud plugin is not affected by this issue. The vulnerability is fixed in Okta Browser Plugin version 6.32.0 for Chrome/Edge/Safari/Firefox. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt