2 matches found
CVE-2024-50857
The ipdojob request in GestioIP v3.5.7 is vulnerable to Cross-Site Scripting XSS. It allows data exfiltration and enables CSRF attacks. The vulnerability requires specific user permissions within the application to exploit successfully...
PT-2025-2892 · Gestioip · Gestioip
Name of the Vulnerable Software and Affected Versions: GestioIP version 3.5.7 Description: The issue concerns a Reflected XSS vulnerability in the ip import acl csv request. When a user uploads an improperly formatted file, the content may be reflected in the HTML response, allowing the attacker ...