CVE-2024-24507

Cross Site Scripting vulnerability in Act-On 2023 allows a remote attacker to execute arbitrary code via the newUser parameter in the login.jsp component.