CVE-2024-6939 | Xinhu RockOA 2.6.3 tpl_upload.html okla callback cross site scripting

Inserito da Angelo Barbosa | Lug 20, 2024 | CVE

A vulnerability was found in Xinhu RockOA 2.6.3 and classified as problematic. Affected by this issue is the function okla of the file /webmain/public/upload/tpl_upload.html. The manipulation of the argument callback leads to cross site scripting.

This vulnerability is handled as CVE-2024-6939. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2024-6939 | Xinhu RockOA 2.6.3 tpl_upload.html okla callback cross site scripting

Post correlati

CVE-2024-7692 | Flaming Forms Plugin up to 1.0.1 on WordPress cross site scripting

CVE-2024-7732 | SECOM Dr.ID Attendance System up to 3.6.2 page sql injection

CVE-2023-46932 | GPAC 2.3-DEV-rev617-g671976fcc-master MP4Box src/media_tools/avilib.c denial of service

CVE-2023-6382 | Master Slider Plugin up to 3.9.9 on WordPress cross site scripting