CVE-2024-10385

Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS Cross-site Scripting, which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...

CVE-2024-10385 Stored XSS in DirectAdmin Evo Skin

Ticket management system in DirectAdmin Evolution Skin is vulnerable to XSS Cross-site Scripting, which allows a low-privileged user to inject and store malicious JavaScript code. If an admin views the ticket, the script might perform actions with their privileges, including command execution. ...

CVE-2024-10385

CVE-2024-10385 affects DirectAdmin Evolution Skin’s ticket management system. It describes a stored XSS vulnerability that allows a low-privileged user to inject and persist malicious JavaScript; if an admin views the ticket, the script may perform privileged actions, including command execution....

DirectAdmin Evolution Skin 安全漏洞

DirectAdmin Evolution Skin is an application from DirectAdmin, Inc. A security vulnerability exists in DirectAdmin Evolution Skin versions prior to 1.668, which stems from the vulnerability of the Ticket management system to a cross-site scripting attack that allows a low-privileged user to injec...

PT-2024-16236 · Directadmin · Directadmin Evolution Skin

Name of the Vulnerable Software and Affected Versions: DirectAdmin Evolution Skin versions prior to 1.668 Description: The ticket management system in DirectAdmin Evolution Skin is vulnerable to Cross-site Scripting XSS, which allows a low-privileged user to inject and store malicious JavaScript...