CVE-2024-12995 | ruifang-tech Rebuild 3.8.6 Project Tasks Section tasks description cross site scripting

A vulnerability classified as problematic has been found in ruifang-tech Rebuild 3.8.6. This affects an unknown part of the file /project/050-9000000000000001/tasks of the component Project Tasks Section. The manipulation of the argument description leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-12995. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-12995 | ruifang-tech Rebuild 3.8.6 Project Tasks Section tasks description cross site scripting

Post correlati

CVE-2024-38156 | Microsoft Edge up to 126.0.2592.81 cross site scripting

CVE-2023-50207 | D-Link G416 flupl command injection (ZDI-23-1823)

CVE-2024-3982 | Hitachi Energy MicroSCADA SYS600 up to 10.5 authentication replay

CVE-2024-4747 | Propovoice CRM Plugin up to 1.7.6.2 on WordPress cross site scripting