CVE-2024-2479 | MHA Sistemas arMHAzena 9.6.0.0 Cadastro Page Query cross site scripting

Inserito da Angelo Barbosa | Mar 15, 2024 | CVE

A vulnerability classified as problematic has been found in MHA Sistemas arMHAzena 9.6.0.0. This affects an unknown part of the component Cadastro Page. The manipulation of the argument Query leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-2479. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2479 | MHA Sistemas arMHAzena 9.6.0.0 Cadastro Page Query cross site scripting

Post correlati

CVE-2024-45406 | Craft CMS up to 5.1.1 breadcrumb list/title cross site scripting (GHSA-28h4-788g-rh42)

CVE-2024-37923 | Cliengo Chatbot Plugin up to 3.0.1 on WordPress cross-site request forgery

CVE-2024-33269 | Prestaddons flashsales Module up to 1.9.7 on PrestaShop FsModel::getFlashSales sql injection

CVE-2024-0242 | Qolsys IQ Panel 4/IQ4 Hub up to 4.4.1 Setting information disclosure (icsa-24-039-01)