CVE-2024-2259
CVSS V2 None
CVSS V3 None
Description
This vulnerability exists in InstaRISPACS software due to insufficient validation of user supplied input for the loginTo parameter in user login module of the web interface of the application. A remote attacker could exploit this vulnerability by sending a specially crafted input to the vulnerable parameter to perform reflected Cross Site Scripting (XSS) attacks on the targeted system.
Overview
- CVE ID
- CVE-2024-2259
- Assigner
- CERT-In
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-08-13T10:18:24.658Z
- Last Modified Date
- 2024-08-13T14:19:41.149Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0241 | third-party-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-2259 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2259 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-08-14 13:05:27 | Added to TrackCVE |