Submeter #483347: esafenet CDG V5 Cross-Site Scripting (XSS)informação

Titleesafenet CDG V5 Cross-Site Scripting (XSS)
DescriptionA vulnerability classified as critical has been discovered in esafenet's CDG v5 product. The curpage parameter in the todoDetail.jsp interface is not properly validated and sanitized, leading to a Cross-Site Scripting (XSS) vulnerability. An attacker can craft a malicious curpage parameter to inject JavaScript code, which can be executed in the user's browser.
Source⚠️ https://github.com/Rain1er/report/blob/main/CDG/todoDetail_1.md
User
 raindrop (UID 80297)
Submission16/01/2025 10h27 (há 6 meses)
Moderation28/01/2025 15h34 (12 days later)
StatusAceite
VulDB Entry293918 [ESAFENET CDG V5 /todoDetail.jsp curpage Roteiro Cruzado de Sítios]
Points18

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!