CVE-2024-9572

CVSS V2 None CVSS V3 None
Description
Cross-Site Scripting (XSS) vulnerability in SOPlanning <1.45, due to lack of proper validation of user input via /soplanning/www/process/groupe_save.php, in the groupe_id parameter. This could allow a remote user to send a specially crafted query to an authenticated user and steal their session details.
Overview
  • CVE ID
  • CVE-2024-9572
  • Assigner
  • INCIBE
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-10-07T14:46:03.718Z
  • Last Modified Date
  • 2024-10-07T17:38:49.874Z
History
Created Old Value New Value Data Type Notes
2024-10-08 13:37:39 Added to TrackCVE