CVE-2023-50924 | Englesystem up to 3.4.0 DECT number/mobile number/work-log comment cross site scripting (GHSA-p5ch-rrpm-wvhm)

Posted by Angelo Barbosa | Dec 23, 2023 | CVE

A vulnerability classified as problematic was found in Englesystem up to 3.4.0. Affected by this vulnerability is an unknown functionality. The manipulation of the argument DECT number/mobile number/work-log comment leads to cross site scripting.

This vulnerability is known as CVE-2023-50924. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-50924 | Englesystem up to 3.4.0 DECT number/mobile number/work-log comment cross site scripting (GHSA-p5ch-rrpm-wvhm)

Related Posts

CVE-2024-39916 | fogproject 1.5.9/1.5.10/1.5.10.15 no_subtree_check variable initialization

CVE-2024-24043 | Speedy11CZ MCRPX up to 1.4.0 File path traversal

CVE-2024-4570 | Elementor Addon Elements Plugin up to 1.13.5 on WordPress cross site scripting

CVE-2024-21469 | Qualcomm Snapdragon up to SXR1230P TEE access control