Reflected Cross-Site Scripting Vulnerability in Gladinet CentreStack
CVE-2024-37783
Currently unrated
Summary
A reflected cross-site scripting (XSS) vulnerability exists in Gladinet CentreStack v13.12.9934.54690. This flaw allows attackers to inject malicious JavaScript into a victim's web browser by manipulating the sessionId parameter during requests to /portal/ForgotPassword.aspx. If successfully exploited, this vulnerability could lead to unauthorized actions or data theft, posing significant security risks to users and organizations relying on this application.
References
Timeline
Vulnerability published