Stimulsoft · Stimulsoft Dashboard.Js · CVE-2024-24396
**Name of the Vulnerable Software and Affected Versions**
Stimulsoft Dashboard.JS versions prior to 2024.1.2
**Description**
A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via a crafted payload to the "search bar component". This enables the attacker to perform unauthorized actions on the affected system.
**Recommendations**
For versions prior to 2024.1.2, update to version 2024.1.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the search bar component to minimize the risk of exploitation.