CVE-2024-4337

CVSS V2 None CVSS V3 None
Description
Adive Framework 2.0.8, does not sufficiently encode user-controlled inputs, resulting in a persistent Cross-Site Scripting (XSS) vulnerability via the /adive/admin/nav/add, in multiple parameters. This vulnerability allows an attacker to retrieve the session details of an authenticated user.
Overview
  • CVE ID
  • CVE-2024-4337
  • Assigner
  • INCIBE
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-04-30T09:33:46.193Z
  • Last Modified Date
  • 2024-04-30T09:33:46.193Z
History
Created Old Value New Value Data Type Notes
2024-06-23 22:37:11 Added to TrackCVE