facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.
References
Configurations
History
21 Nov 2024, 08:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877 - Patch | |
References | () https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj - Exploit, Vendor Advisory |
07 Feb 2024, 17:25
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj - Exploit, Vendor Advisory | |
References | () https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877 - Patch | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
First Time |
Facilemanager facilemanager
Facilemanager |
|
CPE | cpe:2.3:a:facilemanager:facilemanager:*:*:*:*:*:*:*:* |
31 Jan 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-31 23:15
Updated : 2024-11-21 08:59
NVD link : CVE-2024-24571
Mitre link : CVE-2024-24571
CVE.ORG link : CVE-2024-24571
JSON object : View
Products Affected
facilemanager
- facilemanager
CWE
CWE-80
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)