CVE-2024-10288

CVSS V2 None CVSS V3 None
Description
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/SubscribeToList, parameter ListName.
Overview
  • CVE ID
  • CVE-2024-10288
  • Assigner
  • INCIBE
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-10-23T12:03:10.937Z
  • Last Modified Date
  • 2024-10-23T12:59:41.430Z
History
Created Old Value New Value Data Type Notes
2024-10-24 13:09:24 Added to TrackCVE