PT-2024-20249 · Setor Informatica · Setor Informatica Sil
Elizeu Das Dores
·
Published
2024-03-07
·
Updated
2025-05-13
·
CVE-2024-24035
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Setor Informatica SIL version 3.1
Description
A Cross Site Scripting (XSS) issue allows attackers to run arbitrary code via the
hmessage parameter. This enables attackers to execute malicious scripts on the affected system.Recommendations
For Setor Informatica SIL version 3.1, consider restricting access to the
hmessage parameter to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Setor Informatica Sil