CVE-2024-22855

A cross-site scripting XSS vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter...

CVE-2024-22855

A cross-site scripting XSS vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter...

ITSS iMLog Cross-Site Scripting Vulnerability

ITSS iMLog is a centralized monitoring tool from ITSS Corporation. A cross-site scripting vulnerability exists in ITSS iMLog prior to v1.308, which stems from a cross-site scripting vulnerability in the User Maintenance section that allows an attacker to inject a crafted payload to execute...

CVE-2024-22855

CVE-2024-22855 affects ITSS iMLog v1.307 in the User Maintenance section. The vulnerability is a cross-site scripting (XSS) flaw that allows an attacker to inject a crafted payload into the Last Name parameter, enabling arbitrary web scripts or HTML execution. The issue stems from input handling ...

CVE-2024-22855

A cross-site scripting XSS vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter...

CVE-2024-22855

A cross-site scripting XSS vulnerability in the User Maintenance section of ITSS iMLog v1.307 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name parameter...

iMLog Cross Site Scripting

Exploit Title: iMLog "User Maintenance" 3. Click on "Search" and then select your UserID. 4. Change the "Last Name" input to 5. Click on "Save" 6. Refresh the page, XSS will be triggered...