Podatność CVE-2024-42831
Publikacja: 2024-10-07

Opis:
A reflected cross-site scripting (XSS) vulnerability in Elaine's Realtime CRM Automation v6.18.17 allows attackers to execute arbitrary JavaScript code in the web browser of a user via injecting a crafted payload into the dialog parameter at wrapper_dialog.php.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Low
Elaine's Realtime CRM Automation 6.18.17 Cross Site Scripting
Haythem Arfaoui
24.09.2024
Low
Elaine's Realtime CRM Automation 6.18.17 Cross Site Scripting
Haythem Arfaoui
26.09.2024

Typ:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 Referencje:
http://elaine.com
http://realtime.com
https://seclists.org/fulldisclosure/2024/Sep/49
Copyright 2024, cxsecurity.com

 

Back to Top