3 matches found
CVE-2024-29879
Cross-Site Scripting XSS vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data...
CVE-2024-29879 Cross-Site Scripting (XSS) vulnerability in Sentrifugo
Cross-Site Scripting XSS vulnerability in Sentrifugo 3.2, through /sentrifugo/index.php/index/getdepartments/format/html, 'businessid' parameter. The exploitation of this vulnerability could allow a remote user to send a specially crafted URL to the victim and steal their session data...
CVE-2024-29879
CVE-2024-29879 describes a Cross-Site Scripting (XSS) vulnerability in Sentrifugo 3.2. The flaw arises in the business_id parameter of the URL path /sentrifugo/index.php/index/getdepartments/format/html, where insufficient input filtering/escaping enables injection of arbitrary script code. Impac...