6 matches found
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-41353
CVE-2024-41353 affects phpIPAM 1.6, with a Cross Site Scripting (XSS) vulnerability in app/admin/groups/edit-group.php. The issue is documented across multiple feeds (NVD, Red Hat, OSV, CNNVD, CVE list, CVE.org) noting XSS via the affected script. The exposed component is the edit-group.php handl...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
CVE-2024-41353
phpipam 1.6 is vulnerable to Cross Site Scripting XSS via app\admin\groups\edit-group.php...
Cross site scripting
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/edit-group.php by adding a question mark ? followed by the payload...