CVE-2024-55544
Dec. 10, 2024, 8:15 p.m.
Tags
Product(s) Impacted
IAP-420
- 2.01e and below
Description
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
Weaknesses
CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE ID: 77Date
Published: Dec. 10, 2024, 4:15 p.m.
Last Modified: Dec. 10, 2024, 8:15 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
office@cyberdanube.com
References
https://cyberdanube.com/
office@cyberdanube.com
https://cyberdanube.com/
134c704f-9b21-4f2e-91b3-4a467353bcc0