CVE-2024-4026 | Holded Application up to 4.19.x General/Team ID cross site scripting

Inserito da Angelo Barbosa | Apr 22, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Holded Application up to 4.19.x. Affected by this issue is some unknown functionality of the component General/Team ID. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2024-4026. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-4026 | Holded Application up to 4.19.x General/Team ID cross site scripting

Post correlati

CVE-2024-43410 | Eugeny russh up to 0.44.0 allocation of resources

CVE-2024-0020 | Google Android 11/12/12L/13/14 NotificationSoundPreference.java onActivityResult information disclosure

CVE-2024-37999 | Siemens Medicalis Workflow Orchestrator improper ownership management

CVE-2024-22795 | Forescout SecureConnector 11.3.06.0063 Recheck Compliance Status permission