BrotherOfJhonny/CVE-2024-51026_Overview

Releases0

Sistema NetAdmin IAM 4 é vulnerável a Cross Site Scripting (XSS), no endpoint /BalloonSave.ashx

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2024-51026 ↗	Nov 11, 2024Monday, 11 November 2024, 21:15	5.4 MEDIUM	—
The NetAdmin IAM system (version 4.0.30319) has a Cross Site Scripting (XSS) vulnerability in the /BalloonSave.ashx endpoint, where it is possible to inject a malicious payload into the Content= field.