CVE-2024-2391 | EVE-NG 5.0.1-13 Lab cross site scripting (Exploit 51153)

Posted by Angelo Barbosa | Mar 12, 2024 | CVE

A vulnerability was found in EVE-NG 5.0.1-13 and classified as problematic. Affected by this issue is some unknown functionality of the component Lab Handler. The manipulation leads to cross site scripting.

This vulnerability is handled as CVE-2024-2391. The attack may be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2391 | EVE-NG 5.0.1-13 Lab cross site scripting (Exploit 51153)

Related Posts

CVE-2024-1693 | SP Project & Document Manager Plugin up to 4.70 on WordPress Folder Name access control

CVE-2024-1410 | Cloudflare quiche up to 0.19.1/0.20.0 resource consumption (GHSA-xhg9-xwch-vr7x)

CVE-2024-43280 | Salon Booking System Plugin up to 10.8.1 on WordPress URL redirect

CVE-2023-49088 | Cacti up to 1.2.25 data_debug.php cross site scripting (GHSA-hrg9-qqqx-wc4h)