Cross Site Scripting Vulnerability in phpIPAM
CVE-2024-41356

Currently unrated

Key Information:

Vendor

phpIPAM

Status
PHPipam
Vendor
CVE Published:
26 July 2024

What is CVE-2024-41356?

The phpIPAM product version 1.6 contains a vulnerability related to Cross Site Scripting (XSS) that can be exploited through the 'zones-edit-network.php' script in the app/admin/firewall-zones directory. This flaw allows attackers to inject malicious scripts into the web application's response, potentially compromising user sessions and data integrity. It is crucial for users and administrators of phpIPAM to be aware of this security issue and implement necessary patches or mitigation strategies to protect their systems.

References

https://github.com/phpipam/phpipam/issues/4146

Timeline

  • Vulnerability published

.