CVE-2024-42904

Published
View on NVD ↗
CVSS v3
6.1
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS

Description

A cross-site scripting (XSS) vulnerability in SysPass 3.2.x allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name parameter at /Controllers/ClientController.php.

nuxsmin/sysPass
nuxsmin/sysPass
Systems Password Manager
GitHubGitHub
992
sysentr0py/CVEs
sysentr0py/CVEs
CVEs found during penetration testing activities.
GitHubGitHub
1