CVE-2024-7124

Currently unrated 🤨

Key Information

Vendor: CVE Published:; 14 November 2024

Badges

👾 Exploit Exists🔴 Public PoC

Summary

Improper Neutralization of Input During Web Page Generation vulnerability in DInGO dLibra software in the parameter 'filter' in the endpoint 'indexsearch' allows a Reflected Cross-Site Scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects DInGO dLibra software in versions from 6.0 before 6.3.20.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-7124
Created by kac89

Timeline

👾
Exploit exists.
Nov 15, 2024
Vulnerability published.
Nov 14, 2024

Collectors

NVD Database1 Proof of Concept(s)