Vulnerability Description
facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the input fields as there is insufficient input validation.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Facilemanager | Facilemanager | < 4.5.1 |
Related Weaknesses (CWE)
References
- https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caPatch
- https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqjExploitVendor Advisory
- https://github.com/WillyXJ/facileManager/commit/0aa850d4b518f10143a4c675142b15caPatch
- https://github.com/WillyXJ/facileManager/security/advisories/GHSA-h7w3-xv88-2xqjExploitVendor Advisory
FAQ
What is CVE-2024-24571?
CVE-2024-24571 is a vulnerability with a CVSS score of 5.4 (MEDIUM). facileManager is a modular suite of web apps built with the sysadmin in mind. For the facileManager web application versions 4.5.0 and earlier, we have found that XSS was present in almost all of the ...
How severe is CVE-2024-24571?
CVE-2024-24571 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-24571?
Check the references section above for vendor advisories and patch information. Affected products include: Facilemanager Facilemanager.