CVE-2018-12234

Name of the Vulnerable Software and Affected Versions Adrenalin version 5.4.0

Description A Reflected Cross Site Scripting issue was discovered. The user-supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the "flexiportal/GeneralInfo.aspx" endpoint, specifically through the strAction parameter.

Recommendations For version 5.4.0, avoid using the strAction parameter in the "flexiportal/GeneralInfo.aspx" endpoint until the issue is resolved. Consider restricting access to this endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.