CVE-2024-50623
Oct. 28, 2024, 9:15 p.m.
Tags
Product(s) Impacted
Cleo Harmony
- before 5.8.0.20
VLTrader
- before 5.8.0.20
LexiCom
- before 5.8.0.20
Description
In Cleo Harmony before 5.8.0.20, VLTrader before 5.8.0.20, and LexiCom before 5.8.0.20, there is a JavaScript Injection vulnerability: unrestricted file upload and download could lead to remote code execution.
Weaknesses
Date
Published: Oct. 28, 2024, 12:15 a.m.
Last Modified: Oct. 28, 2024, 9:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org