CVE-2024-10926

Name of the Vulnerable Software and Affected Versions IBPhoenix ibWebAdmin versions up to 1.0.2

Description A problem was found in the Tabelas Section, specifically in the file /toggle fold panel.php, where the manipulation of the argument p leads to cross-site scripting. This issue can be initiated remotely. The vendor was contacted about this disclosure but did not respond.

Recommendations For IBPhoenix ibWebAdmin versions up to 1.0.2, as a temporary workaround, consider restricting access to the /toggle fold panel.php file in the Tabelas Section to minimize the risk of exploitation. Avoid using the argument p in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.