← back
CVE-2024-52882

CVE-2024-52882

CVSS 6.1 MEDIUMEPSS 0.2%CWE-79
An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-centerhttps://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-076.txt