CVE-2024-5410

Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.

CVSS

No CVSS.

References

Link	Resource
http://seclists.org/fulldisclosure/2024/May/36
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-oring-iap420/

Configurations

No configuration.

History

10 Jun 2024, 17:16

Type	Values Removed	Values Added
Summary		(es) La falta de validación de entrada en la interfaz web ORing del IAP-420 permite el almacenamiento de Cross-site scripting (XSS). Este problema afecta a la versión 2.01e y anteriores del IAP-420.
References		() http://seclists.org/fulldisclosure/2024/May/36 -

28 May 2024, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-05-28 11:15

Updated : 2024-06-10 17:16

NVD link : CVE-2024-5410

Mitre link : CVE-2024-5410

CVE.ORG link : CVE-2024-5410

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON object

Attach tags to CVE-2024-5410

Attach tags to `CVE-2024-5410`