CVE-2024-36697 in System Softwareinformação

Sumário

de MITRE • 10/07/2025

A cross-site scripting (XSS) vulnerability in the Admin Login page of Allworx System Software v9.1.9.12 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the SessionID parameter at query.asp.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Responsável

MITRE

Reservar

30/05/2024

Divulgação

10/07/2025

Moderação

aceite

Entrada

VDB-315990

CPE

pronto

EPSS

0.00183

KEV

não

Atividades

muito baixo

Fontes

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!