CVE-2024-5961

Severity CVSS v4.0:

Pending analysis

Type:

CWE-79 Cross-Site Scripting (XSS)

Publication date:

14/06/2024

Last modified:

17/06/2024

Description

Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user&#39;s browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.

Impact

References to Advisories, Solutions, and Tools

https://2clickportal.pl/
https://cert.pl/en/posts/2024/06/CVE-2024-5961/
https://cert.pl/posts/2024/06/CVE-2024-5961/