CVE-2024-6058 | LabVantage LIMS 2017 rc height/width cross site scripting

A vulnerability classified as problematic has been found in LabVantage LIMS 2017. This affects an unknown part of the file /labvantage/rc?command=page&page=SampleHistoricalList&_iframename=list&__crc=crc_1701669816260. The manipulation of the argument height/width leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-6058. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6058 | LabVantage LIMS 2017 rc height/width cross site scripting

Post correlati

CVE-2024-25567 | Delta Electronics DIAEnergie prior 1.10.00.005 path traversal (icsa-24-074-12)

CVE-2023-5965 | EspoCRM up to 7.5.2 ZIP File unrestricted upload

CVE-2021-47554 | Linux Kernel up to 5.15.5 vdpa_sim vdpasim_create null pointer dereference (e4d58ac67e63/bb93ce4b150d)

CVE-2024-50135 | Linux Kernel up to 6.6.58/6.11.5 nvme-pci drivers/pci/msi/api.c nvme_dev_disable race condition (4ed32cc0939b/b33e49a5f254/26bc0a81f64c)