We found results for “”
CVE-2024-24571
Good to know:
Date: January 31, 2024
facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.
Language: PHP
Severity Score
Severity Score
Weakness Type (CWE)
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
CWE-80Top Fix
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | REQUIRED |
Scope (S): | CHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |