2 matches found
CVE-2024-35504
A cross-site scripting XSS vulnerability in the login page of FineSoft v8.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL:errorname parameter after a failed login attempt...
CVE-2024-35504
CVE-2024-35504 affects FineSoft v8.0, with a cross-site scripting (XSS) vulnerability in the login page that allows an attacker to execute arbitrary scripts via a crafted payload in the URL’s errorname parameter after a failed login. The Red Hat / NVD / CVE enrichment entries confirm the issue as...