CVE-2024-3781

Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04...

PT-2024-27822 · Unknown · Wbsairback

Name of the Vulnerable Software and Affected Versions: WBSAirback version 21.02.04 Description: The issue is a stored Cross-Site Scripting XSS vulnerability. It occurs through the /admin/SystemConfiguration endpoint, specifically in the name and free memory limit fields, and the type and password...