CVE-2022-1293 | XSS vulnerability in Citadel

  • Publication date: 2022-04-13T09:42:00.000Z
  • State: public
  • Description: We have discovered a vulnerability that can affect the Citadel client. The embedded neutralization of Script-Related HTML Tag, was by-passed in the case of some extra conditions.
  • Affected versions: 7.1.1 and lower
  • Remediation: update to version 7.1.2 or higher
    • web client: just reload the page
    • desktop client: launch update from the menu