HTML Injection Vulnerability in Sunbird DCIM's dcTrack 9.1.2

CVE-2024-37773

What is CVE-2024-37773?

CVE-2024-37773 is a critical HTML injection vulnerability found in Sunbird DCIM’s dcTrack version 9.1.2. This security flaw allows authenticated administrative users to leverage their access to inject arbitrary HTML code into an administration screen. Consequently, this could lead to security breaches, including cross-site scripting (XSS) attacks, where malicious actors may exploit the injected HTML to execute harmful scripts, potentially compromising sensitive data and the integrity of the system. Users are advised to upgrade to the latest version to protect against this significant risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References