Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
History

Tue, 10 Dec 2024 16:15:00 +0000

Type Values Removed Values Added
Description Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting (XSS).This issue affects IAP-420 version 2.01e and below.
Title Authenticated Command Injection
Weaknesses CWE-77
References
Metrics cvssV4_0

{'score': 8.7, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: CyberDanube

Published: 2024-12-10T16:04:34.147Z

Updated: 2024-12-10T19:53:44.725Z

Reserved: 2024-12-07T13:23:43.004Z

Link: CVE-2024-55544

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2024-12-10T16:15:24.107

Modified: 2024-12-10T20:15:21.147

Link: CVE-2024-55544

cve-icon Redhat

No data.