Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/02/20 12:25 a.m.7 views

CVE-2024-56882

Sage DPW before 202412000 is vulnerable to Cross Site Scripting XSS. Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with...

5.4CVSS6.3AI score0.00397EPSS
Exploits1References1
OSV
OSV
added 2025/02/18 6:15 p.m.5 views

CVE-2024-56882

Sage DPW before 202412000 is vulnerable to Cross Site Scripting XSS. Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with...

5.4CVSS5.9AI score0.00397EPSS
Exploits1References1
NVD
NVD
added 2025/02/18 6:15 p.m.10 views

CVE-2024-56882

Sage DPW before 202412000 is vulnerable to Cross Site Scripting XSS. Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with...

5.4CVSS0.00397EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/18 12:0 a.m.11 views

CVE-2024-56882

Sage DPW before 202412000 is vulnerable to Cross Site Scripting XSS. Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with...

0.00397EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/18 12:0 a.m.6 views

CVE-2024-56882

Sage DPW before 202412000 is vulnerable to Cross Site Scripting XSS. Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with...

5.3AI score0.00397EPSS
Exploits1References1
CVE
CVE
added 2025/02/18 12:0 a.m.54 views

CVE-2024-56882

CVE-2024-56882 affects Sage DPW before 2024_12_000. Affected component: Kurstitel and Kurzinfo input fields where low-privileged users with the employee role can permanently store JavaScript. The injected payload is executed for each authenticated user who views/interacts with the modified data. ...

5.4CVSS6.6AI score0.00397EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder