← back
CVE-2022-24692

CVE-2022-24692

EPSS 0.5%
An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The new menu option within the general Parameters page is vulnerable to stored XSS. The attacker can create a menu option, make it visible to every application user, and conduct session hijacking, account takeover, or malicious code delivery, with the final goal of achieving client-side code execution.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://dsk.lu/fr/produits/temps-de-presencehttps://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-24688-92.pdf