CVE-2024-28063 | Kiteworks Totemomail up to 7.0.0 EnvelopeOpenServlet envelopeRecipient cross site scripting

Inserito da Angelo Barbosa | Mag 19, 2024 | CVE

A vulnerability was found in Kiteworks Totemomail up to 7.0.0 and classified as problematic. This issue affects some unknown processing of the file /responsiveUI/EnvelopeOpenServlet. The manipulation of the argument envelopeRecipient leads to cross site scripting.

The identification of this vulnerability is CVE-2024-28063. The attack may be initiated remotely. There is no exploit available.

CVE-2024-28063 | Kiteworks Totemomail up to 7.0.0 EnvelopeOpenServlet envelopeRecipient cross site scripting

Post correlati

CVE-2024-33101 | ThinkSAAS 3.7.0 /action/anti.php word cross site scripting (Issue 34)

CVE-2024-27403 | Linux Kernel up to 5.15.149/6.1.79/6.6.18/6.7.6 netfilter flow_offload_add access control

CVE-2024-2665 | Premium Addons for Elementor Plugin up to 4.10.27 on WordPress Button cross site scripting

CVE-2024-28198 | OpenOlat up to 18.1.5/18.2.1 HTTP Request xml external entity reference