CVE-2023-37360 (pacparser)

pacparser_find_proxy in Pacparser before 1.4.2 allows JavaScript injection, and possibly privilege escalation, when the attacker controls the URL (which may be realistic within enterprise security products).

controls cve enterprise enterprise security escalation injection javascript javascript injection may privilege privilege escalation products security security products url