2 matches found
CVE-2024-53679
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache VCL in the User Lookup form. A user with sufficient rights to be able to view this part of the site can craft a URL or be tricked in to clicking a URL that will give a specified user elevate...
CVE-2024-53679
CVE-2024-53679 is an Apache VCL XSS in the User Lookup form. The issue is caused by improper neutralization of input during web page generation, allowing a user with sufficient rights to craft or click a URL that can elevate privileges for a specified user. Affected software: Apache VCL up to ver...