NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2024-7124

Summary	Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20.
Publication Date	Nov. 15, 2024, 12:15 a.m.
Registration Date	Nov. 15, 2024, 5 a.m.
Last Update	Nov. 15, 2024, 10:58 p.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://cert.pl/en/posts/2024/11/CVE-2024-7124/
2	https://cert.pl/posts/2024/11/CVE-2024-7124/
3	https://dingo.psnc.pl/dlibra/

Common Vulnerabilities List