Vulnerability CVE-2024-24571
Published: 2024-01-31   Modified: 2024-02-01

Description:
facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.

Type:

CWE-80

 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS))

 References:
https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj
https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877
Copyright 2024, cxsecurity.com

 

Back to Top