CVE-2024-0891

Name of the Vulnerable Software and Affected Versions hongmaple octopus version 1.0

Description A vulnerability was found in hongmaple octopus, affecting an unknown functionality. The manipulation of the argument description with the input <script>alert(document.cookie)</script> leads to cross-site scripting. The attack can be launched remotely.

Recommendations For version 1.0, as a temporary workaround, consider restricting the input for the description argument to minimize the risk of cross-site scripting exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.