3 matches found
CVE-2024-6892
Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the context of the Journyx web application...
CVE-2024-6892
Summary of CVE-2024-6892 (Journyx Reflected XSS) Affected product: Journyx (jtime) version 11.5.4. Root cause: Reflected cross-site scripting caused by unsanitized/reflected error_description parameter in the active directory login flow, which can be set via the URL and reflected in the page resp...
PT-2024-37933 · Journyx · Journyx
Name of the Vulnerable Software and Affected Versions: Journyx affected versions not specified Description: The issue allows attackers to craft a malicious link that, when clicked, will execute arbitrary JavaScript in the context of the Journyx web application. Recommendations: At the moment, the...