Description

MAP-OS 4.45.0 and earlier is vulnerable to Cross-Site Scripting (XSS). This vulnerability allows malicious users to insert a malicious payload into the "Client Name" input. When a service order from this client is created, the malicious payload is displayed on the administrator and employee dashboards, resulting in unauthorized script execution whenever the dashboard is loaded.

INFO

Published Date :

2024-06-25T00:00:00.000Z

Last Modified :

2024-11-01T15:28:51.878Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-36819 vulnerability.

Vendors Products
Mapos
  • Map-os
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-36819.

URL Resource
https://github.com/RamonSilva20/mapos/commit/3559bae4782162faab94670f503fd35b0f331929 cve-icon cve-icon
https://github.com/RamonSilva20/mapos/tree/master cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact