CVE-2024-2259

Vulnerability Description

This vulnerability exists in InstaRISPACS software due to insufficient validation of user supplied input for the loginTo parameter in user login module of the web interface of the application. A remote attacker could exploit this vulnerability by sending a specially crafted input to the vulnerable parameter to perform reflected Cross Site Scripting (XSS) attacks on the targeted system.

Related Weaknesses (CWE)

CWE-79

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0

FAQ

What is CVE-2024-2259?

CVE-2024-2259 is a documented vulnerability. This vulnerability exists in InstaRISPACS software due to insufficient validation of user supplied input for the loginTo parameter in user login module of the web interface of the application. A remot...

How severe is CVE-2024-2259?

CVSS scoring is not yet available for CVE-2024-2259. Check NVD for updates.

Is there a patch for CVE-2024-2259?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.