CVE-2024-5961

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.

CVSS

No CVSS.

References

Link	Resource
https://2clickportal.pl/
https://cert.pl/en/posts/2024/06/CVE-2024-5961/
https://cert.pl/posts/2024/06/CVE-2024-5961/

Configurations

No configuration.

History

17 Jun 2024, 12:42

Type	Values Removed	Values Added
Summary		(es) La neutralización inadecuada de la entrada durante la vulnerabilidad de generación de páginas web en el software 2ClickPortal permite cross-site scripting (XSS) reflejado. Un atacante podría engañar a alguien para que utilice una URL manipulada, lo que provocará que se ejecute un script en el navegador del usuario. Este problema afecta a las versiones del software 2ClickPortal desde la 7.2.31 hasta la 7.6.4.

14 Jun 2024, 08:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-06-14 08:15

Updated : 2024-06-17 12:42

NVD link : CVE-2024-5961

Mitre link : CVE-2024-5961

CVE.ORG link : CVE-2024-5961

JSON object : View

Products Affected

No product.

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

JSON object

Attach tags to CVE-2024-5961

Attach tags to `CVE-2024-5961`