2 matches found
CVE-2024-51860
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Custom Dashboard Widget create-custom-dashboard-widget allows Stored XSS.This issue affects Custom Dashboard Widget: from n/a through = 1.0.0...
PT-2024-34990 · Unknown · Duogeek Custom Dashboard Widget
Name of the Vulnerable Software and Affected Versions: DuoGeek Custom Dashboard Widget versions 1.0.0 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting XSS. This means an attacker could inject...