CVE-2024-36599

🗓️ 14 Jun 2024 18:27:15Reported by mitreType

cve🔗 web.nvd.nist.gov👁 46 Views🌐 WEB

Aegon Life v1.0 XSS Vulnerability in insertClient.ph

Reporter	Title	Published	Views	Family All 6
Packet Storm	AEGON LIFE 1.0 Cross Site Scripting	14 Jun 202400:00	–	packetstorm
0day.today	AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting Vulnerability	14 Jun 202400:00	–	zdt
Vulnrichment	CVE-2024-36599	14 Jun 202400:00	–	vulnrichment
Cvelist	CVE-2024-36599	14 Jun 202400:00	–	cvelist
Exploit DB	AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)	14 Jun 202400:00	–	exploitdb
NVD	CVE-2024-36599	14 Jun 202418:15	–	nvd

Nvd

Node

aegon life_insurance_management_systemMatch1.0

Source	Link
github	www.github.com/kaliankhe/CVE-Aslam-mahi/blob/9ec0572c68bfd3708a7d6e089181024131f4e927/vendors/projectworlds.in/AEGON%20LIFE%20v1.0%20Life%20Insurance%20Management%20System/CVE-2024-36599

Parameter	Position	Path	Description	CWE
name	request body	/lims/insertClient.php	Stored cross-site scripting (XSS) vulnerability allowing execution of arbitrary web scripts via crafted payload.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Jun 2024 18:15Current

5.8Medium risk

Vulners AI Score5.8

CVSS36.1

EPSS0.00046

SSVC

CWE-79