Vulnerability CVE-2024-30920


Published: 2024-04-18

Description:
Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the render-document.php component.

See advisories in our WLB2 database:
Topic
Author
Date
Low
DerbyNet 9.0 render-document.php Cross Site Scripting
Valentin Lobstei...
08.04.2024

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://chocapikk.com/posts/2024/derbynet-vulnerabilities/

Copyright 2024, cxsecurity.com

 

Back to Top