A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-252303.
References
Link | Resource |
---|---|
https://vuldb.com/?ctiid.252303 | Permissions Required Third Party Advisory VDB Entry |
https://vuldb.com/?id.252303 | Third Party Advisory VDB Entry |
Configurations
History
05 Feb 2024, 20:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Cogites
Cogites ereserv |
|
CPE | cpe:2.3:a:cogites:ereserv:7.7.58:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
References | () https://vuldb.com/?id.252303 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?ctiid.252303 - Permissions Required, Third Party Advisory, VDB Entry |
30 Jan 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-30 10:15
Updated : 2024-05-17 02:35
NVD link : CVE-2024-1030
Mitre link : CVE-2024-1030
CVE.ORG link : CVE-2024-1030
JSON object : View
Products Affected
cogites
- ereserv
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')