CVE-2024-0718 | liuwy-dlsdys zhglxt 4.7.7 HTTP POST Request /oa/notify/edit notifyTitle cross site scripting

Inserito da Angelo Barbosa | Gen 19, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in liuwy-dlsdys zhglxt 4.7.7. This issue affects some unknown processing of the file /oa/notify/edit of the component HTTP POST Request Handler. The manipulation of the argument notifyTitle leads to cross site scripting.

The identification of this vulnerability is CVE-2024-0718. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-0718 | liuwy-dlsdys zhglxt 4.7.7 HTTP POST Request /oa/notify/edit notifyTitle cross site scripting

Post correlati

CVE-2024-43827 | Linux Kernel up to 6.10.2 AMD Display enable_phantom_plane null pointer dereference (081ff4c0ef18/c96140000915)

CVE-2024-39927 | Ricoh IM C3510 prior 2.00-00 Request out-of-bounds write (ricoh-2024-000008)

CVE-2024-22339 | IBM UrbanCode Deploy/DevOps Deploy log file (XFDB-279979)

CVE-2023-48335 | Webcraftic Hide login page Plugin up to 1.1.9 on WordPress information disclosure