CVE-2023-50924 | Englesystem up to 3.4.0 DECT number/mobile number/work-log comment cross site scripting (GHSA-p5ch-rrpm-wvhm)

Posted by Angelo Barbosa | Dec 23, 2023 | CVE

A vulnerability classified as problematic was found in Englesystem up to 3.4.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DECT number/mobile number/work-log comment leads to cross site scripting.

This vulnerability is known as CVE-2023-50924. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-50924 | Englesystem up to 3.4.0 DECT number/mobile number/work-log comment cross site scripting (GHSA-p5ch-rrpm-wvhm)

Related Posts

CVE-2024-31810 | Totolink EX200 4.0.3c.7646_B20201211 /etc/shadow.sample hard-coded password

CVE-2023-6425 | BigProf Online Clinic Management System 2.2 medical_records_view.php FirstRecord cross site scripting

CVE-2024-26617 | Linux Kernel up to 6.7.2 MMU Notifications fs/proc/task_mmu race condition (05509adf2979/4cccb6221cae)

CVE-2023-5800 | AXIS OS 6.50/8.40/9.80/10.12/11.8 VAPIX API create_overlay.cgi Remote Code Execution