CVE-2024-7466 | PMWeb 7.2.00 Web Application Firewall cross site scripting

Posted by Angelo Barbosa | Aug 4, 2024 | CVE

A vulnerability has been found in PMWeb 7.2.00 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Application Firewall. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-7466. The attack can be launched remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-7466 | PMWeb 7.2.00 Web Application Firewall cross site scripting

Related Posts

CVE-2024-0769 | D-Link DIR-859 1.06B01 HTTP POST Request /hedwig.cgi service path traversal

CVE-2024-26762 | Linux Kernel up to 6.7.6 cxl_mem denial of service (21e5e84f3f63/eef5c7b28dbe)

CVE-2022-30267 | Emerson Ovation up to 3.8.0 FP1 data authenticity (icsa-24-158-02)

CVE-2024-0619 | Payflex Payment Gateway Plugin up to 2.5.0 on WordPress Order Status Update authorization