United Planet · Intrexx Portal Server · CVE-2024-55554
**Name of the Vulnerable Software and Affected Versions**
Intrexx Portal Server versions prior to 12.0.2
**Description**
The issue allows for Cross Site Scripting (XSS) via a user-defined portlet. This means an attacker could potentially inject malicious scripts into the portal server, affecting users who access the compromised portlet.
**Recommendations**
For versions prior to 12.0.2, update to version 12.0.2 or later to resolve the issue. As a temporary workaround, consider restricting access to user-defined portlets until the update can be applied.