Vulnerability Description
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.
Related Weaknesses (CWE)
References
- https://2clickportal.pl/
- https://cert.pl/en/posts/2024/06/CVE-2024-5961/
- https://cert.pl/posts/2024/06/CVE-2024-5961/
- https://2clickportal.pl/
- https://cert.pl/en/posts/2024/06/CVE-2024-5961/
- https://cert.pl/posts/2024/06/CVE-2024-5961/
FAQ
What is CVE-2024-5961?
CVE-2024-5961 is a documented vulnerability. Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted UR...
How severe is CVE-2024-5961?
CVSS scoring is not yet available for CVE-2024-5961. Check NVD for updates.
Is there a patch for CVE-2024-5961?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.