← back
CVE-2024-11021

Grand Vice info Webopac - Stored XSS

CVSS 5.4 MEDIUMEPSS 0.3%CWE-79
Webopac from Grand Vice info has Stored Cross-site Scripting vulnerability. Remote attackers with regular privileges can inject arbitrary JavaScript code into the server. When users visit the compromised page, the code is automatically executed in their browser.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected products
Grand Vice info · Webopac

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.twcert.org.tw/en/cp-139-8220-e75c2-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8219-f12d0-1.html