The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://github.com/BrotherOfJhonny/CVE-2024-51026_Overview |
History
Tue, 12 Nov 2024 18:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Netadmin
Netadmin netadmin |
|
Weaknesses | CWE-79 | |
CPEs | cpe:2.3:a:netadmin:netadmin:*:*:*:*:*:*:*:* | |
Vendors & Products |
Netadmin
Netadmin netadmin |
|
Metrics |
cvssV3_1
|
Mon, 11 Nov 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-11-11T00:00:00
Updated: 2024-11-12T18:10:32.176Z
Reserved: 2024-10-28T00:00:00
Link: CVE-2024-51026
Vulnrichment
Updated: 2024-11-12T18:10:22.082Z
NVD
Status : Awaiting Analysis
Published: 2024-11-11T21:15:06.683
Modified: 2024-11-12T18:35:32.357
Link: CVE-2024-51026
Redhat
No data.