← volver
CVE-2024-5961

Reflected XSS in 2ClickPortal

CVSS 5.3 MEDIUMEPSS 1.3%CWE-79
Improper neutralization of input during web page generation vulnerability in 2ClickPortal software allows reflected cross-site scripting (XSS). An attacker might trick somebody into using a crafted URL, which will cause a script to be run in user's browser. This issue affects 2ClickPortal software versions from 7.2.31 through 7.6.4.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L/AU:Y/R:A/U:Clear
Productos afectados
Trol InterMedia Sp. z o.o. Sp. k. · 2ClickPortal

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://2clickportal.pl/https://cert.pl/en/posts/2024/06/CVE-2024-5961/https://cert.pl/posts/2024/06/CVE-2024-5961/