CVE-2024-56882 - Sage DPW Cross Site Scripting (XSS)
CVE ID : CVE-2024-56882 Published : Feb. 18, 2025, 6:15 p.m. | 2 hours, 14 minutes ago Description : Sage DPW before 2024_12_000 is vulnerable to Cross Site Scripting (XSS). Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with the modified data elements. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-56882
Published : Feb. 18, 2025, 6:15 p.m. | 2 hours, 14 minutes ago
Description : Sage DPW before 2024_12_000 is vulnerable to Cross Site Scripting (XSS). Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with the modified data elements.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Feb. 18, 2025, 6:15 p.m. | 2 hours, 14 minutes ago
Description : Sage DPW before 2024_12_000 is vulnerable to Cross Site Scripting (XSS). Low-privileged Sage users with employee role privileges can permanently store JavaScript code in the Kurstitel and Kurzinfo input fields. The injected payload is executed for each authenticated user who views and interacts with the modified data elements.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
