CVE-2024-10289

CVSS V2 None CVSS V3 None
Description
Cross-Site Scripting (XSS) vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ManageSubscription, parameter MSubListName.
Overview
  • CVE ID
  • CVE-2024-10289
  • Assigner
  • INCIBE
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-10-23T12:03:48.367Z
  • Last Modified Date
  • 2024-10-23T12:59:03.838Z
History
Created Old Value New Value Data Type Notes
2024-10-24 13:12:53 Added to TrackCVE