CVE-2024-1030

A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-252303.
References
Link Resource
https://vuldb.com/?ctiid.252303 Permissions Required Third Party Advisory VDB Entry
https://vuldb.com/?id.252303 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:cogites:ereserv:7.7.58:*:*:*:*:*:*:*

History

05 Feb 2024, 20:40

Type Values Removed Values Added
First Time Cogites
Cogites ereserv
CPE cpe:2.3:a:cogites:ereserv:7.7.58:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
References () https://vuldb.com/?id.252303 - () https://vuldb.com/?id.252303 - Third Party Advisory, VDB Entry
References () https://vuldb.com/?ctiid.252303 - () https://vuldb.com/?ctiid.252303 - Permissions Required, Third Party Advisory, VDB Entry

30 Jan 2024, 10:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-01-30 10:15

Updated : 2024-05-17 02:35


NVD link : CVE-2024-1030

Mitre link : CVE-2024-1030

CVE.ORG link : CVE-2024-1030


JSON object : View

Products Affected

cogites

  • ereserv
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')