CVE-2024-10652

CHANGING Information Technology IDExpert - Reflected XSS

Description

IDExpert from CHANGING Information Technology does not properly validate a parameter for a specific functionality, allowing unauthenticated remote attackers to inject JavsScript code and perform Reflected Cross-site scripting attacks.

INFO

Published Date :

2024-11-01T09:56:32.011Z

Last Modified :

2024-11-01T13:31:48.852Z

Source :

twcert

AFFECTED PRODUCTS

The following products are affected by CVE-2024-10652 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10652.

URL	Resource
https://www.twcert.org.tw/en/cp-139-8173-f8bbc-2.html
https://www.twcert.org.tw/tw/cp-132-8172-a02cc-1.html

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact