Unknown · Pleasanter · CVE-2024-21584
**Name of the Vulnerable Software and Affected Versions**
Pleasanter versions 1.3.49.0 and earlier
**Description**
The issue is a cross-site scripting vulnerability. If an attacker tricks the user into accessing the product with a specially crafted URL and performing a specific operation, an arbitrary script may be executed on the web browser of the user.
**Recommendations**
For versions 1.3.49.0 and earlier, update to a version that contains a fix for this issue.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.