CVE-2024-8750
CVSS V2 None
CVSS V3 None
Description
Cross-site Scripting (XSS) vulnerability in idoit pro version 28. This vulnerability allows an attacker to retrieve session details of an authenticated user due to lack of proper sanitization of the following parameters (id,lang,mNavID,name,pID,treeNode,type,view).
Overview
- CVE ID
- CVE-2024-8750
- Assigner
- INCIBE
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-09-12T11:38:24.912Z
- Last Modified Date
- 2024-09-12T12:54:52.748Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-synetics-idoit-pro |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-8750 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8750 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-09-13 13:07:39 | Added to TrackCVE |