IDExpert Vulnerability Allows for Reflected Cross-site Scripting Attacks
CVE-2024-10652
6.1MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 1 November 2024
What is CVE-2024-10652?
IDExpert from CHANGING Information Technology does not properly validate a parameter for a specific functionality, allowing unauthenticated remote attackers to inject JavsScript code and perform Reflected Cross-site scripting attacks.
Affected Version(s)
IDExpert 2.5 <= 2.8