A reflected cross-site scripting (XSS) vulnerability in "PrevPgGroup.aspx" in CADClick v1.11.0 and before allows remote attackers to inject arbitrary web script or HTML via the "wer" parameter.
References
Configurations
No configuration.
History
07 Oct 2024, 19:37
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CWE | CWE-79 |
07 Oct 2024, 17:48
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
04 Oct 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
04 Oct 2024, 18:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-04 18:15
Updated : 2024-10-07 19:37
NVD link : CVE-2024-41514
Mitre link : CVE-2024-41514
CVE.ORG link : CVE-2024-41514
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')