4 matches found
CVE-2024-10289
Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ManageSubscription, parameter MSubListName...
CVE-2024-10289
This CVE affects LocalServer 1.0.9 and involves a Cross-Site Scripting (XSS) flaw in the /mlss/ManageSubscription endpoint, specifically exploiting the MSubListName parameter to potentially steal session details from authenticated users. The connected PT-2024-16161 entry confirms the vulnerabilit...
CVE-2024-10289 Cross-Site Scripting (XSS) vulnerability in LocalServer
Cross-Site Scripting XSS vulnerability affecting LocalServer 1.0.9 that could allow a remote user to send a specially crafted query to an authenticated user and steal their session details through /mlss/ManageSubscription, parameter MSubListName...
PT-2024-16161 · Unknown · Localserver
Name of the Vulnerable Software and Affected Versions: LocalServer version 1.0.9 Description: A Cross-Site Scripting XSS issue allows a remote user to send a specially crafted query to an authenticated user, potentially stealing their session details. This is achieved through the...