CVE-2024-11304
Nov. 21, 2024, 10:15 p.m.
Tags
Product(s) Impacted
SEH Computertechnik utnserver Pro
- 20.1.22
- below
SEH Computertechnik utnserver ProMAX
- 20.1.22
- below
SEH Computertechnik INU-100
- 20.1.22
- below
Description
Missing input validation in the SEH Computertechnik utnserver Pro, SEH Computertechnik utnserver ProMAX, SEH Computertechnik INU-100 web-interface allows stored Cross-Site Scripting (XSS). This issue affects utnserver Pro, utnserver ProMAX, INU-100 version 20.1.22 and below.
Weaknesses
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE ID: 79Date
Published: Nov. 18, 2024, 3:15 p.m.
Last Modified: Nov. 21, 2024, 10:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
office@cyberdanube.com