Home > Vulnerability Database > CVE-2024-24571

Mend.io Vulnerability Database

CVE-2024-24571

Good to know:

Date: January 31, 2024

facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.

Language: PHP

Severity Score

5.4

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2024-24571

Url: https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caa5872877

Url: https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqj

Url: https://www.mend.io/vulnerability-database/CVE-2024-24571

Severity Score

5.4

Weakness Type (CWE)

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

CWE-80

Top Fix

Upgrade Version

Upgrade to version v4.5.1-complete

Learn More

CVSS v3.1

Base Score:	5.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2024-24571

Good to know:

Date: January 31, 2024

Language: PHP

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?