Cross-Site Scripting Vulnerability in Workcube ERP by Holistic IT, Consultancy Coop
CVE-2024-12796
5.3MEDIUM
Key Information:
- Status
- Vendor
- CVE Published:
- 16 September 2025
What is CVE-2024-12796?
A Cross-Site Scripting (XSS) vulnerability exists in Workcube ERP from Holistic IT, Consultancy Coop., affecting versions V12 to V14 (up to 20250916). This vulnerability allows attackers to inject harmful scripts into web pages viewed by other users, potentially leading to data theft or unauthorized actions. Users of Workcube ERP should remain vigilant and apply available security measures to mitigate the risks associated with this flaw.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
Workcube ERP V12 - V14
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Engin AYDOÄžAN